Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2

[Eddie Chapman <eddie () ehuk net>]

On 22/08/2019 20:00, Perry E. Metzger wrote:
> You can argue anything you like. Power charging points have popped up
> around the world, and you're not in a position to stop
> them. Furthermore, I'll note that over the air exploitable bugs in
> things like WiFi stacks and Bluetooth stacks have also appeared over
> time; perhaps it's foolish to have your phone on at all, and yet
> people will continue to turn their phones on, and even to use them.
>
> Perry

Well, I certainly am not deluded enough to think I have the power to 
stop power charging points popping up everywhere :-) Or to stop people 
making mistakes. Just because something is possible and everyone else 
does it doesn't make something less stupid.

It's a similar principle with wifi/bluetooth, which is why I avoid 
connecting even to a family member's wifi access point unless it's 
absolutely necessary. But USB is a physical interface directly into a 
device's circuitry, I think that carries more risk than radio. ok, usb 
2.0 is only 2 x power and 2 x data, but radio waves are at least 
filtered somewhat after hitting an antenna. Physical interfaces on a 
device, on the other hand, the circuit designer does not usually design 
them "defensively" (apart from e.g. fuses on the power lines).