Hacker News new | past | comments | ask | show | jobs | submit login

Is that really the responsibility of the person making the card?

This is the responsibility of the creators of the USB hardware, firmware, motherboard firmware, electrical design, OS developers / driver developers.

It should be safe to plug in a USB device by default




The whole beauty of USB ports is that we have one unified interface for practically everything. It can't be safe without giving that up, adding some friction to user interaction, or doing some dark art involving centrally signed devices that we expect won't be broken. If anybody can produce storage and input devices that plug into a universal port and just work, malicious input devices can be made to physically look like storage devices in the eyes of the user. I'm not saying we shouldn't make more security conscious tradeoffs, I'm just saying that there are tradeoffs to be made, and most users probably won't appreciate the added friction.


should be safe, in theory, sure. But in practice?


Then we should stop any form of communication.

In practice it can be safe on multiple levels. He could’ve also just put some malware I. A pdf or word document, as word is what recruiters want.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: