Not only that, but adding HID classes like BT, with specific access only allowed for certain classes. a keyboard can only be a keyboard, storage can only act as storage. It works great. You can even half multiple roles, and at least in android you can limit what profile a device uses, and it shows what profiles a device asks for.

But that's a problem for devices like the MS Surface series, where the trackpad is recognized as a keyboard if you don't have a (recent) Linux kernel with Surface support. If you define HID classes, then you will have the exact same problem as w/o the right kernel: the whole thing is recognized as a keyboard. I know that the Surface series is one of the few where that happens currently but there are more devices like that coming, Lenovo also has a similar device and there are more manufacturers working on these kind of devices.

But USB is insecure.
A device can act as a keyboard and execute commands as if they were typed by a user.

FireWire and Thunderbolt are even worse, they have DMA and can read the RAM.

All true, same goes for SATA and SAS, and don't even get me started on PCI Express!! These interfaces are all so bad, they're racist, and they're causing global warming too.

All true, same goes for SATA and SAS, and don't even get me started on PCI Express!! These interfaces are all so bad, they're racist, and they're causing global warming too.

But USB is insecure.
A device can act as a keyboard and execute commands as if they were typed by a user.

FireWire and Thunderbolt are even worse, they have DMA and can read the RAM.

Having it work kinda like Bluetooth where you need to pair the devices would solve most of the issues. Of course this should be required only by input devices. I don't think there is massive need to encrypt the communication over the wire to avoid hardware keyloggers, but that might be cool to have too.

When you connect a HID device you get a popup saying "hey I detected keyboard with serial number 536827474, authorize its use with your root password" (and you can write your root password with it but it cannot do anything else like using desktop shortcuts or whatever to try to break into your system)

With mice it can show an on-screen keyboard and limit mouse input from that device on that part.

But something like this is not exactly trivial to implement and would break compatibility with most HID devices around. It would be a slaughter the same as the "free upgrade" to Win10.

Fun fact: when pairing bluetooth keyboards they ask you to write the keyboard's own password by typing on it, and it's plain retarded for a security standpoint, but we all know Bluetooth is unsafe anyway.

I have a Dell Dock WD15 which is a USB type-C to USB type-A hub with ethernet and HDMI/DisplayPort ports. The only thing that really works on with my Ubuntu 16.10 system is the Display Port pass through. At first everything works but then after a say a minute only the video pass through still works. I'm greatly looking forward to better Type-C port support.