Linux 6.13 To Enhance Logic For Trusting Built-In Thunderbolt Controllers

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
  • billyswong
    Senior Member
    • Aug 2020
    • 699

    #11
    Originally posted by uid313 View Post

    Then it should require input devices to be present before boot.
    It should display a message like "a input device has been plugged in, if you want to use it, you have to reboot".
    Or it needs to be whitelisted in the UEFI settings so that UEFI can use it, but the OS can only allow inputs from an input device after it has been whitelisted in the UEFI.
    This sounds like the PS2 port days. The market seems to dislike that.

    Comment

    • reba
      Senior Member
      • May 2020
      • 673

      #12
      Originally posted by uid313 View Post
      No the user wouldn't because the user wouldn't know about it because the USB device would inject the keypresses when the computer was idle and the user not present at the computer. The strange behavior would be so fast to open a terminal, and run some command that the user wouldn't even notice it even if he was there. Even if the user saw it, the user would just ignore it and think it was some normal system update operation happening in the background.​
      If you leave your system unlocked when you leave it/go away fault is on you.
      Rubber Duck, Flipper and Co can input all the keystrokes they want if they end up on the lock screen and get counted as invalid logins, shown to you when you come back to the computer.
      For example with swaylock --show-failed-attempts

      Originally posted by uid313 View Post
      No, you can plugin any USB device and the system will blindly trust it.
      Because it is configured to do so. There is no technical reason the OS trusts plugged in devices.

      Originally posted by uid313 View Post
      Then it should require input devices to be present before boot.
      It should display a message like "a input device has been plugged in, if you want to use it, you have to reboot".
      Or it needs to be whitelisted in the UEFI settings so that UEFI can use it, but the OS can only allow inputs from an input device after it has been whitelisted in the UEFI.
      reboot? This isn't Windows

      Comment

      • reba
        Senior Member
        • May 2020
        • 673

        #13
        Originally posted by uid313 View Post

        The NSA and spy agencies have something similar but very much smaller, it looks like a normal USB cable but acts as keyboard and has a built-in Wi-Fi so you can connect to it remotely.
        You can buy these from basic retail, so old is this concept.

        Comment

        Working...
        X