
Plug-and-play sanitization of USB thumb drives - sciurus
https://lwn.net/Articles/626559/
======
revelation
I think they missed the part where the untrusted USB stick pretends its a
keyboard and manipulates the trusted USB stick.

The problem with USB sticks is not whats on them but USB itself.

~~~
rdc12
They covered that towards the end.

There are still areas where CIRCLean can be improved. For example, there is an
issue open to deal with BadUSB-style attacks, in which a thumb drive mimics
another device type (such as a keyboard) with malicious intent. Vinot has
indicated one possible solution already: blacklisting all non–mass-storage USB
kernel modules. Without USB HID support in the kernel, a malicious drive
cannot mimic a keyboard. In an email, Vinot described a few other ideas, such
as converting PDFs to the more restrictive PDF/A format before converting them
to HTML.

------
gengkev
Why not open the PDFs using Mozilla's PDF.js project instead of converting
them to HTML?

