Re: Concrete ideas for the December-March OPW?



On Tue, 2014-10-28 at 10:59 +0100, Tobias Mueller wrote:
On Mon, Oct 27, 2014 at 06:17:21PM -0600, Federico Mena Quintero wrote:

One of mine is to implement something that disables the USB ports.
Sounds like a silly idea, but USB creates a large attack surface and we
have seen many malicious devices.  And, FWIW, I have investigated USB security 
myself¹ and think it's worthwhile to limit its availability ;-)

Anyway, we might only want to disable USB while the lockscreen is on
and re-enable when the lockscreen has been unlocked.
A first step towards this goal might be to write a tiny program that does
nothing else but disable USB while it's running and re-enable when it is 
exiting. Then, one could write an application with a toggle button that
toggles the availability of the USB. Finally, one can think of integrating that
with the lockscreen.

I like this idea. It fits well with the lock screen because it offers
some protection against local, physical attacks where the attacker has
only a couple of minutes to pull it off (much longer than that and
you're probably toast anyway).

It might be a good idea to leave alone USB devices (keyboard, mouse),
mounts and ongoing file transfers already present when the lock screen
comes up. Would it be enough to just prevent new USB devices from being
added? If so, how do we handle the case where the user tries to change
their keyboard while the lock screen is up? Would a device whitelist be
reliable, so he could at least re-plug his old keyboard and log back in
using that?

-- 
Hans Petter
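
Added example, not part of the messages above: a sketch of the "tiny program" and the allowlist idea, assuming the Linux kernel's USB authorization attributes in sysfs (authorized_default on each host controller, authorized on each device). The function names and the root parameter are hypothetical; on a real system the writes need root.

```python
import contextlib
import glob
import os

SYSFS_USB = "/sys/bus/usb/devices"  # standard Linux sysfs location


def _read(path):
    with open(path) as f:
        return f.read().strip()


def _write(path, value):
    with open(path, "w") as f:
        f.write(value)


@contextlib.contextmanager
def block_new_usb(root=SYSFS_USB):
    """While active, newly plugged devices stay unauthorized.

    Devices that are already attached (keyboard, mouse, mounted disks)
    are not touched; only each host controller's default is changed.
    """
    saved = {}
    try:
        for attr in glob.glob(os.path.join(root, "usb*", "authorized_default")):
            saved[attr] = _read(attr)
            _write(attr, "0")
        yield saved
    finally:
        # Restore the previous policy on exit, including on exceptions.
        for attr, old in saved.items():
            _write(attr, old)


def authorize_if_allowed(dev_dir, allowlist):
    """Authorize a device plugged in while locked if it is on the allowlist.

    idVendor/idProduct are reported by the device itself, so a match
    identifies a claimed model, not one particular physical keyboard.
    """
    ident = (_read(os.path.join(dev_dir, "idVendor")),
             _read(os.path.join(dev_dir, "idProduct")))
    if ident not in allowlist:
        return False
    _write(os.path.join(dev_dir, "authorized"), "1")
    return True
```

A lock-screen integration would enter block_new_usb() when the screen locks and leave it on unlock; the root argument exists so the logic can be exercised against a scratch directory instead of the live /sys tree.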


