"An interesting solution, it would definitely prompt the user to understand what the device is trying to do."
But then it could simply wait for the user to enter the password (1), then read it by sniffing the traffic from the keyboard and store it internally for later use, since it's all in clear ad it cannot be encrypted before entering the machine unless most (all) USB consumer hardware get some heavy modifications.
1- very simple algorithm: store in the internal flash memory whatever the user enters between connecting the keyboard and hitting the 2nd enter key; if it's mostly the same words, then it's very likely an user/password pair.
"But I'm sure that it's extremely hard to prevent something malicious, once it has physical access to a port on your computer... "
Very true. Malicious plug in hardware was just a matter of time; we badly need some active protection for these things, or it would be a mess. This is the perfect weapon in the hands of people with a thing for vandalism, I hope mainstream media won't cover that story.
You're assuming the malicious device is a keyboard, or is on the signal path between the motherboard and a keyboard. That's not the common case, nor is it the case here. No one types their password into an iPhone cable, because the cable has no keys to type with.
But then it could simply wait for the user to enter the password (1), then read it by sniffing the traffic from the keyboard and store it internally for later use, since it's all in clear ad it cannot be encrypted before entering the machine unless most (all) USB consumer hardware get some heavy modifications.
1- very simple algorithm: store in the internal flash memory whatever the user enters between connecting the keyboard and hitting the 2nd enter key; if it's mostly the same words, then it's very likely an user/password pair.
"But I'm sure that it's extremely hard to prevent something malicious, once it has physical access to a port on your computer... "
Very true. Malicious plug in hardware was just a matter of time; we badly need some active protection for these things, or it would be a mess. This is the perfect weapon in the hands of people with a thing for vandalism, I hope mainstream media won't cover that story.