Hi, I’m new and wanted to ask some questions about badUSB and Qubes. First, to clarify what I think I already know: anyone who reads this, please tell me if I’m correct, or correct me if I’m wrong. This thread could help other people trying to learn some of this material in the future.
It’s not a safe idea to keep a USB drive plugged in the Qubes computer because there is a period of no protection between the USB Drive and computer top. If the USB Device has something bad in it like badUSB, there is a chance it can pass over during a boot. So it’s better to let it turn on before plugging anything in. And it’s better to unplug any untrusted USB devices when shutting down. So hypothetically, if you get a badUSB device and plug it into the computer and then reboot the computer with the badUSB device plugged in, then it can infect the entire machine. Correct? But if you plug in a badUSB device while the Qubes computer is already online and only expose a random VM to it, and then you pull that USB device out before shutting down, you will be safe. (Of course, I’m speaking very hypothetically.)
Qubes can help against badUSB to an extent. But it’s not perfect. When you plug in a USB device to a Qubes laptop, you are safe up until you select which VM to connect that USB Device to. So although Qubes can isolate badUSB from Dom0, you are still exposing a VM to the USB Device, and so potentially to badUSB.
Let’s say a person wanted to plug in a USB Microphone. And let’s say that USB Microphone had some sort of bug in it. Wouldn’t the elaborate security in Qubes be able to stop such a bugged or badUSB Microphone from doing its job? Don’t those things require access to things that Qubes blocks?
I’ve been trying to fully grasp all this information, so if anyone can help educate me where I am not fully understanding this, please let me know. I’m also sorry if I sound confusing.