On Friday, December 6, 2019 6:52:30 AM MST Marius Schwarz wrote:
If you just go and buy some cheap usb drives from a single seller,
you
can endup with the same serial numbers on several drives and i'm not
surprised if they also clone any other IDs.
The serial number doesn't actually matter, and the VID/PID is actually
expected to be the same for the same product. That's how what I was suggesting
would actually work, you're trusting essentially *that model* and the kernel
module that Linux maps it to.
It's not foolproof, as BadUSB is pretty common, but it'd be better than
nothing.
I think a "we do our best" approach is here really better
than doing
nothing at all.
if possible, powering down the usb connectors when they are not in use,
would be a good idea. That still does not protect from destructive
fake-usb devices, but simply inserting something in an open port, would
not work anymore.
The viability of that would depend heavily on the hubs in use.
I know that not all usb io hw supports it, but when, it should be
done.
...as you pointed out. :)
--
John M. Harris, Jr.
Splentity