You are identified by whatever your machine decides to tell the server about itself. The beauty of Qubes OS, is that the VMs blab to the servers that they’re Fedora, Debian, Windows, MacOS, BSD, Arch, Gentoo, Kali, or whatever else you may have running.
Most of you would have noticed that when your Qubes OS machine connects to a LAN, it doesn’t state its hostname, nor does it accept ping requests (although you can, of course, enable it if you know what you’re doing).
Honestly, short of getting into dom0 and running
cat /etc/os-release
…it seems highly unlikely that anyone could remotely discover you’re running Qubes OS. The smarter ones might deduce that you’re inside a VM, though…
EDIT:
Turns out it is possible to tell if you’re inside a Qubes VM, based on certain files. See @fsflover’s post below.
I was going to say something like Albert Einstein’s old “thought experiments”, but D&D works great too! 
This would be the perfect D&D scenario.
Ok, say I did put an extra NAND flash chip on the PCB, and made a copy of everything that went in and out of your USB device.
- Wouldn’t you notice the increased heat generation and power draw on the tampered peripheral?
- Given the amount of stuff that goes back and forth through a USB connection, wouldn’t my NAND flash become full after, like, an hour (if that)?
- Would I be able to control the device remotely? If so, how? Would it rely on the machine being infected, or would I cram a LoRa module inside the USB device?
- Once I’ve done my collection, how do I get that information off the chip and to me, without actually having to go and collect the device? Do I have to trick another device or plant some malicious software on your machine?
Do you see where I’m getting at?
The more you work out all the fine print, the more you think to yourself “My god, whatever this guy has had better be worth it…”
Unless you’re on one of these lists:
…it’s a lot of effort to likely end up with nothing, not to mention that it’s so reliant on the attacker having complete control over all hardware and software, that it would actually be easier to just STEAL THE COMPUTER! 
Yes, serial devices do this. Parallel devices do not.
But thankfully, the machine coordinates the orchestration of who gets to send a 0 or 1 and when. If a device were to try and speak out of turn, the machine would notice and hopefully issue a reset command, or assume the device is faulty and cut power to the device, and drop all data received from it.
Fortunately, this happens a lot less than you might think. Yes, it still does happen, but it’s found out a lot faster than before, thanks to the Internet. It’s the same reason tourist traps are on the decline. Because word spreads around the globe faster than ever before in human history. This forum is the perfect example. People from all over the world can have a conversation as if they’re next to each other!
Yes, they could, but that would more likely be envious gaming Chads wanting to knock off your shiny RGB gaming mouse
There’s nothing
Get multiple and connect them to each other! It’s the working-class man’s NAS! 
And on that note, I have respect for someone who straight-up says “I need 50 USB ports”. Maximum respect to you, @zara! 
A smarter option would be to write a driver for the Hub that would use RSA keypairs for each port to encrypt and decrypt everything that is sent between the machine and each device.
A little more CPU overhead, but hey, if it makes you feel safe, then there might be a market for it.
As someone who is actually involved in hardware procurement, I can tell you that factories pull this on you ALL THE TIME, and you often only find out once everything has already been manufactured…
Unless you’re Apple or Samsung, in which case you employ people directly who’s sole job is to be based at the factories and WATCH THEM LIKE HAWKS! (I’m not making this up. This is an actual job!)
This wasn’t Purism’s fault… I’ll call it what it is.
@zara, could you elaborate and provide a few use cases?
- When you say “authorized”, what do you mean?
- What is “authorizing” them? The hub? Qubes OS?
- “Physical lock functionality”? So…a lock? A switch? A case? A shark with a frickin’ laserbeam attached to it’s frickin’ head?
ALL PCBs are already like this. Trust me. Nobody will go out of their way to make a PCB difficult to read. Not even Apple…*sigh*…
So:
- Assume that he will come and “do dusting in your apartment”, and come up with a plan
- Set up cameras to film him in the act
- Sign all your files on your machine (or better yet, make them phone home if they’re opened elsewhere!)
- Boobytrap some files if you want to be evil (Don’t be evil)
- Leave “honeypots” around the house that will let you know what was touched while you were away
- etc etc etc. Basically the entire premise of the Home Alone movies
The market rate for a month of an individual’s browser history (just URLs) is around $50USD.
Anyone who’s tried to sell something that’s stolen will tell you that it’s very difficult to find buyers. So, it’s safe to assume that if he did break in, it would be for the HARDWARE, not your files…
The Premise
If I may, ladies and gentleman, interject for a moment…
We have several threats that we’d like to protect ourselves from.
- “I’m worried about the device being tampered while in transit to me, resulting in instant pwnage as soon as i plug it in”
- “I’m worried about the device deceiving my machine at the time it’s plugged in, masquerading as something harmless, and then randomly pretending to be a USB keyboard and/or mouse”
- “I’m worried about other people sticking things in my ports when I am at my machine”
- “I’m worried about other people sticking things in my ports when I’m away from my machine”
- "I’m worried about …?
It may be that a “secure USB hub” may not be the best countermeasure against these threats…
Think outside the box. 
And no. I’m not being a d*ck. I love these hypotheticals. And would happily design (and even manufacture if there’s a market) stuff like this.
