"George N. White III" <gnwiii@xxxxxxxxx> writes: > I assume the OP's intent was for the system to ignore devices newly > connected when the screen is locked, so existing devices such as the > keyboard used to unlock the screen remain available for use. Apple > systems do something like this. If you connect a USB storage device > to a macOS box while the screen is locked, nothing happens. After the > screen is unlocked, the device must be unplugged and plugged in again > before it can be used. You can, however, connect a USB mouse or > keyboard to a macOS system that is locked and use the new USB device > to unlock the system. Delaying the discovery seems superior in another way too. Whitelisting certain classes of devices has another security problem. If usb keyboards are whitelisted (as they probably will need to be if the person uses a dock for their laptop) then someone could connect a small computer that imitates a keyboard. That phony usb keyboard can hammer the victim computer with rapid-fire password guesses. It makes breaking the lockscreen a lot less painful than the alternative of typing a large number of password guesses. -wolfgang _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
