Do I need to worry about USB risks?

Here’s my situation:

  • I only use Logitech keyboard and mouse (via their USB wireless “universal receiver”), Samsung USB/USB-C external drives, and well-known USB thumbs like Cruzer Blade, etc.
  • All of my USB are (unfortunately) on the same bus because that’s all my Librem Mini v2 has.
  • I can assume that nobody has broken into my house and reprogrammed these external USB items. That’s simply not my threat model (I have neither time nor energy to take that into account because if somebody breaks in, I have bigger things to worry about).

My primary purpose for using Qubes:

  • Keep my sensitive files in an environment that never touches the internet.

Given the above:

  • Is it safe for me to connect a USB drive to an online Qube, transfer some files, disconnect it from there, connect the drive to an offline Qube, transfer some files? And vice versa, from offline to online.

I want to know in particular:

  • Could this somehow expose my offline files to the internet? (The ones I didn’t explicitly choose to transfer)

So what are some scenarios to worry about?

  • One scenario: The companies themselves (Logitech, Cruzer Blade, etc.) have added built-in Qubes-specific attacks into their devices. IMO unlikely, but your thoughts?
  • Are there any other attacks I should watch out for?

For me, reading this as it was written, it is completely unclear from where to where you are transferring files when attaching and detaching a USB drive to an online/offline qube. The only obvious thing is attaching/detaching a USB drive to an online/offline qube, which for me isn’t a go, not ever.

Whatever happens, it is also unclear why you wouldn’t use safe transfer over qrexec between qubes, which raises the question of whether you are aware of qrexec at all.

If not, or yes but not aware of its features, rather than this topic, you would rather want to start from here

Maybe I wasn’t clear enough. I’ll try to rephrase:

  • What harm could be done by connecting a Samsung T5 SSD to online qube, and then connecting it to an offline qube, and then connecting it again to an online qube?
  • Specifically, is it even possible for software from the internet to reprogram the SSD to do what it wants (such as put offline data into a “hidden” space on the SSD, and upload it once it gets connected again to the online qube)?

For now, let’s please assume Samsung themselves haven’t programmed Qube-specific exploits into the drive itself.

Any online qube is considered to be compromised. So, if you have a drive attached to it, it is also considered as compromised.

So again I underline you shouldn’t connect the same thing both to online and offline qubes (at least I wouldn’t). I’d do it only to offline qubes, and for transfers I’d use qrexec.