…by physically removing a port (who would do that) or using the software?
Which Windows? My south-facing ones?
Yo, dawg! I heard you like Linux! So we removed all the windows from your car!
Yes. It’s inside my house where no one else can get to it.
Shouldn’t you rather protect your usb ports from Windows?
(Kidding,… or am I?)
No? I just don’t plug random shit in my computer.
What, if somebody else does while you’re not looking?
I never leave my laptop unsupervised, I’m more concerned about it getting stolen than malicius USB devices. And if someone gets to my desktop while I’m not looking, I’ve got bigger problems.
I have the port set to “Charge only when locked”. I never use public charging stations.
Sony, in their infinite wisdom, defaults full data without the ability to choose a default, you can only deny upon plugging it in and it will eventually revert back to full data anyway
This is the best strategy.
However, if you ever knew youd NEED to use public charging, check out USB condom adapters. They open circuit the data pins.
You cant protect yourself from Microsoft that is the biggest threat
I agree. Kind of would seem more useful to have such a UI on Linux.
USBGuard was on Linux first.
True, USBGuard is using a mechanism that has been present on Linux since year 2007.
https://www.kernel.org/doc/Documentation/usb/authorization.txt
Windows? Why bother.
The software locks out the auto discover and auto config of attached devices, unless they are in an allow list.
Same like some android phone models where you can turn off USB port to protect your phone from being infiltrated.
I did work at a place that filled the USB ports with HotGlue to stop workers loading movies on the computers on night shift
to stop workers loading movies on the computers on night shift
Lol, did it work?
Yes because the keyboard and mouse were via the serial PS connectors, but the IT dudes could have just opened the case and unplugged the USB headers instead of permanently filling the slots with glue.
GrapheneOS allows you to disable it. I just charge mine wirelessly, though if the charger supports MagSafe, then you’ll need to buy a MagSafe case for your Pixel, since built-in magnets are waaay too weak.
Is there a similar program for Linux?
Linux has USBGuard and is likely in your distro’s repos. It operates the same way with having rules on which usb devices to allow
So, uh, a udev GUI?
Be mindful that such a program would have to be safer than the situation without. A program on a public repository that isn’t used by any distribution, isn’t audited, hasn’t a lot of comments (and thus eyes on its code) might be a disproportionate risk compared to the default settings of a popular open source distribution IMHO.
When I plug a USB device in on KDE I get prompted to see if I want to mount it or not.
I think to be fully safe, you would have to get prompted for any type of USB device including a mouse and keyboard. At least I think that’s the idea of USBGuard.
Ah, that makes sense, cheers.
the usb device is auto detected and activated, it’s just asking you to mount if it happens to be a storage device
That’s true, I understand the need for USBGuard now.
Do you protect your USB port?
Sure, I’ve got my HPV vaccination.
What would USB stand for in this? Under Sheets Buddy?
