Brodie RobertsonMar 25, 2024
How many hacking movies would be over before they started if the admin just enabled usb authorization
Show threadKevin Karhan Mar 25, 2024

@BrodieOnLinux You know that aside from very, very few business devices one.can't even configure this at all?

Like I know that Thin Clients and ThinkPads allow kilking all ISB in the UEFI but normal.consumer systems jist don't allow that!

Show threadBrodie RobertsonMar 25, 2024
@kkarhan For 5 years there's been kernel usb authorization and we also have user space policy solutions like USBGuard
Show threadKevin Karhan 

@BrodieOnLinux So I guess I've to blame #Linux distros like @ubuntu that don't offer that in their settings...

Needless to say USB-IDs are trivial to copy and clone so that won't stop anything from like #PwnPi ALOA from working because there isn't any form of authentification or (integirty) checks or encryption whatsoever on #USB...

https://github.com/greyhat-academy/lists.d/blob/main/usb.devices.list.tsv

lists.d/usb.devices.list.tsv at main · greyhat-academy/lists.d

List of useful things. Contribute to greyhat-academy/lists.d development by creating an account on GitHub.

GitHub
Mar 25, 2024 at 5:08amWeb