On Tue, Jan 16, 2018 at 07:03:58PM +0100, Stephane HUC "PengouinBSD" wrote: > Perhaps, using hotplugd and file /etc/hotplug/attach? > > Le 01/16/18 à 18:39, Charlie Eddy a écrit : > > Hello, > > > > Is there a method to detect and halt additional USB devices being added > > after initializing connections? Concerned about widespread vulnerability of > > keystroke injection.
There's no such way. Maybe something like this https://usbguard.github.io/ but that's for Linux only. There can be hw attacks over DisplayPort too. Some Linux people were discussing a possibility to disallow adding new DisplayPort based devices after boot to prevent physical attack on fully booted (physically unprotected) computer. Jiri
