On Fri 15 May 2026 at 12:32:27 (-0400), Stefan Monnier wrote: > >> Not just bugs: I don't know of any OS out there that is even designed to > >> behave like you describe: they all automatically accept to recognize the > >> other end as whichever device (or set of devices) it claims to be. > > My android phone does that, as I already described: "When I run it > > [the script to mount the phone's fileystem] after connecting the > > phone, it (phone) asks for permission on its screen [which I have to > > acknowledge]." > > Now, try to connect a keyboard or a mouse to your phone (via USB), > instead: does it asks you for confirmation before you can use the > keyboard to control the phone?
I don't see why it should. Under what circumstances would you deny the device access? > AFAIK, Android doesn't do that. Such confirmation dialogs are standard > for Bluetooth, but not for USB. 🙁 Of course: bluetooth uses radio waves, so it's up to you to decide whether the correct device is trying to connect. If you can't ascertain that, then you deny. Isn't that what Pairing is all about? > > Just don't run an automounter? > > My example was connecting a device which presents itself as > keyboard+mouse+wificard: there's no automounter involved. Well, the automounter discussion was to help protect againt scripts that might autorun when a mass storage device is mounted. So one threat raised by a disguised K+M+W is as a connection. I'd treat that the same as any USB connection in a public space: USB-A: use a power-only cable for an old phone, or power bank; USB-C: connect to a power bank; Mains outlet: connect your phone/computer with your own charger. The only digitally-active connections I've used in public spaces were RJ45 network connections. One used to see these in some libraries, motels and B&Bs before wifi became almost universal. (Our house is plumbed with Cat5.) The other threat is what they call rubber duckies, or cables that have the same functionality built in. My question would be Why plug it in? And if you had a legitimate reason to plug it in, and your device obeyed your wish, asking for explicit confirmation, on what basis would you deny it? If you knew you were going to deny it, you wouldn't have plugged it in anyway. So what have you gained? What /is/ the purpose of bothering to ask whether to allow access to files, which is what I said my android phone does. I see two reasons: Makes it easier to disconnect as you don't have to unmount it, Avoids accidentally touching the filesystem when connecting to a device that you trust, but don't wish to share confidences with. The former might be useful for someone running an automounter. The latter might be useful when, say, charging a phone with via a colleague's computer on a business trip. Cheers, David.
