#PwnPi

Kevin Karhan :verified:kkarhan@infosec.space
2024-12-26

@foone the whole unfixably fucked security is something @stman and I discussed at length.

  • We came to the conclusion that using PS/2 ports and having a fully-transparent keyboard in a clear, sealed case with reference images is the only option.

#USB is unfixably broken as it inherently does neither #authentification (#BIOS & #UEFI filter only by #HID class drivers if they can do so at all!) nor proper integrity checking nor any #Security whatsoever.

  • Most enterprises and organizations that I know who do care about this literally hardwire systems, put them in locked cabinets, use #PS2 HIDs, disable #USB controllers and set ports and headers in resin...

I mean, as soon as you got a #PwnPi or #PoisonTap at your hand, it's gameover...
youtube.com/watch?v=Aatp5gCskv
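The "disable USB controllers" mitigation mentioned in the post above can be done on Linux without touching the hardware: the kernel's USB authorization interface under sysfs lets a host refuse newly attached devices by default and re-enable only chosen ones. The script below is an added example, not code from the posts or from any of the projects named on this page. It assumes the standard sysfs layout (`/sys/bus/usb/devices/usbN/authorized_default` and `/sys/bus/usb/devices/<port>/authorized`, root required); the sysfs directory is a parameter so the functions can be exercised against a constructed fake tree.

```shell
#!/bin/sh
# Added example (not from the quoted posts): use the Linux kernel's USB
# authorization interface to deny newly attached USB devices by default
# and re-enable only chosen ones. The sysfs directory is a parameter
# (normally /sys/bus/usb/devices, root required) so the functions can
# also be run against a constructed fake tree.

# Deny new devices by default on every host controller (usb1, usb2, ...).
usb_deny_by_default() {
    root="$1"
    for hub in "$root"/usb[0-9]*; do
        [ -f "$hub/authorized_default" ] || continue
        echo 0 > "$hub/authorized_default"
    done
}

# Deauthorize every currently attached device (1-1, 1-1.2, ...);
# interface entries such as 1-1:1.0 are skipped.
usb_deauthorize_all() {
    root="$1"
    for dev in "$root"/[0-9]*-*; do
        case "${dev##*/}" in *:*) continue ;; esac
        [ -f "$dev/authorized" ] || continue
        echo 0 > "$dev/authorized"
    done
}

# Re-authorize one device by its physical port path (e.g. "1-1"), not by
# vendor/product ID, because IDs are trivially clonable.
# Returns 1 if no device is attached at that port.
usb_authorize_port() {
    root="$1"
    port="$2"
    [ -f "$root/$port/authorized" ] || return 1
    echo 1 > "$root/$port/authorized"
}

# Report whether the device at a port path is currently authorized.
usb_is_authorized() {
    [ "$(cat "$1/$2/authorized" 2>/dev/null)" = "1" ]
}

# Typical use on a real host (as root), from a console you cannot lose:
#   usb_deny_by_default /sys/bus/usb/devices
#   usb_deauthorize_all /sys/bus/usb/devices
#   usb_authorize_port  /sys/bus/usb/devices 1-1   # the known keyboard's port
```

The same deny-by-default state can be set from boot with the `usbcore.authorized_default=0` kernel parameter, so nothing is enumerated before the script runs. Note the caveat the post itself makes: this is port-based, not identity-based, so a device swapped onto an authorized port is still accepted; it narrows the exposure to physical ports you have chosen, it does not add authentication to USB.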

Kevin Karhan :verified:kkarhan@infosec.space
2024-03-25

@BrodieOnLinux So I guess I have to blame #Linux distros like @ubuntu that don't offer that in their settings...

Needless to say USB-IDs are trivial to copy and clone, so that won't stop anything like #PwnPi ALOA from working because there isn't any form of authentication or (integrity) checks or encryption whatsoever on #USB...

github.com/greyhat-academy/lis

Kevin Karhan :verified:kkarhan@mstdn.social
2023-07-25

@porkroll Because there is no rational reason they can't deploy #PDFarranger via #SCCM or whatever crutch their #MSP uses [because #Windows doesn't have any good #PackageManager whatsoever]...

It sounds more like #SecurityTheater and I'm convinced that it's trivial to #BadUSB their systems since one can configure the USB-IDs and functionality of tools like the #PwnPi / #PwnPiALOA...

Kevin Karhan :verified:kkarhan@mstdn.social
2023-07-22
Kevin Karhan :verified:kkarhan@mstdn.social
2023-07-20
Kevin Karhan :verified:kkarhan@mstdn.social
2023-07-20

@crypto_gnu yeah... That may be the issue...

It's like with the #PwnPi / #PwnPiALOA and #Floppinux...

Both had their releases scrapped from their project sites...
