Skip to main content

lemmy - Link to source

Do you protect your USB port?
...by physically removing a port (who would do that) or using the software?

GitHub - USBShield/USBShield: USBShield protects your Windows from unauthorized USB devices

USBShield protects your Windows from unauthorized USB devices - USBShield/USBShield
GitHub
#privacy
in reply to j1racoon

BCsven
lemmy - Link to source
BCsven

The software locks out the auto discover and auto config of attached devices, unless they are in an allow list.

Same like some android phone models where you can turn off USB port to protect your phone from being infiltrated.

I did work at a place that filled the USB ports with HotGlue to stop workers loading movies on the computers on night shift

This entry was edited (3 weeks ago)
in reply to BCsven

MonkderVierte
lemmy - Link to source
MonkderVierte
to stop workers loading movies on the computers on night shift


Lol, did it work?

in reply to MonkderVierte

BCsven
lemmy - Link to source
BCsven
Yes because the keyboard and mouse were via the serial PS connectors, but the IT dudes could have just opened the case and unplugged the USB headers instead of permanently filling the slots with glue.
in reply to j1racoon

Scott 🇨🇦🏴‍☠️
lemmy - Link to source
Scott 🇨🇦🏴‍☠️
I have the port set to "Charge only when locked". I never use public charging stations.
in reply to Scott 🇨🇦🏴‍☠️

Ferrous
lemmy - Link to source
Ferrous

This is the best strategy.

However, if you ever knew youd NEED to use public charging, check out USB condom adapters. They open circuit the data pins.

in reply to Scott 🇨🇦🏴‍☠️

JustEnoughDucks
lemmy - Link to source
JustEnoughDucks
Sony, in their infinite wisdom, defaults full data without the ability to choose a default, you can only deny upon plugging it in and it will eventually revert back to full data anyway
in reply to j1racoon

ParlimentOfDoom
piefed - Link to source
ParlimentOfDoom
Yes. It's inside my house where no one else can get to it.
in reply to j1racoon

Chemical Wonka
lemmy - Link to source
Chemical Wonka
You cant protect yourself from Microsoft that is the biggest threat
in reply to Chemical Wonka

ell1e
lemmy - Link to source
ell1e
I agree. Kind of would seem more useful to have such a UI on Linux.
in reply to ATS1312

Orphigle
lemmy - Link to source
Orphigle

True, USBGuard is using a mechanism that has been present on Linux since year 2007.

kernel.org/doc/Documentation/u…

This entry was edited (2 weeks ago)
in reply to j1racoon

Samsy
lemmy - Link to source
Samsy
Do you protect your USB port?


Sure, I've got my HPV vaccination.

in reply to Samsy

ExcessShiv
lemmy - Link to source
ExcessShiv
What would USB stand for in this? Under Sheets Buddy?
in reply to j1racoon

ell1e
lemmy - Link to source
ell1e
Is there a similar program for Linux?
in reply to ell1e

xvertigox
lemmy - Link to source
xvertigox
When I plug a USB device in on KDE I get prompted to see if I want to mount it or not.
in reply to xvertigox

hexagonwin
lemmy - Link to source
hexagonwin
the usb device is auto detected and activated, it's just asking you to mount if it happens to be a storage device
in reply to xvertigox

ell1e
lemmy - Link to source
ell1e
I think to be fully safe, you would have to get prompted for any type of USB device including a mouse and keyboard. At least I think that's the idea of USBGuard.
This entry was edited (2 weeks ago)
in reply to ell1e

SurpriseWaterfall
lemmy - Link to source
SurpriseWaterfall
Linux has USBGuard and is likely in your distro's repos. It operates the same way with having rules on which usb devices to allow

GitHub - USBGuard/usbguard: USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)

USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with t...
GitHub
in reply to ell1e

utopiah
lemmy - Link to source
utopiah
Be mindful that such a program would have to be safer than the situation without. A program on a public repository that isn't used by any distribution, isn't audited, hasn't a lot of comments (and thus eyes on its code) might be a disproportionate risk compared to the default settings of a popular open source distribution IMHO.
This entry was edited (2 weeks ago)
in reply to j1racoon

FreddiesLantern
lemmy - Link to source
FreddiesLantern

Shouldn’t you rather protect your usb ports from Windows?

(Kidding,… or am I?)

in reply to j1racoon

Matt
lemmy - Link to source
Matt
GrapheneOS allows you to disable it. I just charge mine wirelessly, though if the charger supports MagSafe, then you'll need to buy a MagSafe case for your Pixel, since built-in magnets are waaay too weak.
in reply to j1racoon

yannic
lemmy - Link to source
yannic
Which Windows? My south-facing ones?
in reply to yannic

IratePirate
lemmy - Link to source
IratePirate
Yo, dawg! I heard you like Linux! So we removed all the windows from your car!
in reply to j1racoon

vaionko
lemmy - Link to source
vaionko
No? I just don't plug random shit in my computer.
in reply to vaionko

Orphigle
lemmy - Link to source
Orphigle
What, if somebody else does while you're not looking?
in reply to Orphigle

vaionko
lemmy - Link to source
vaionko
I never leave my laptop unsupervised, I'm more concerned about it getting stolen than malicius USB devices. And if someone gets to my desktop while I'm not looking, I've got bigger problems.