On Friday, December 6, 2019 6:52:30 AM MST Marius Schwarz wrote: > If you just go and buy some cheap usb drives from a single seller, you > can endup with the same serial numbers on several drives and i'm not > surprised if they also clone any other IDs.
The serial number doesn't actually matter, and the VID/PID is actually expected to be the same for the same product. That's how what I was suggesting would actually work, you're trusting essentially *that model* and the kernel module that Linux maps it to. It's not foolproof, as BadUSB is pretty common, but it'd be better than nothing. > I think a "we do our best" approach is here really better than doing > nothing at all. > > if possible, powering down the usb connectors when they are not in use, > would be a good idea. That still does not protect from destructive > fake-usb devices, but simply inserting something in an open port, would > not work anymore. The viability of that would depend heavily on the hubs in use. > I know that not all usb io hw supports it, but when, it should be done. ...as you pointed out. :) -- John M. Harris, Jr. Splentity _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
