I am new to Qubes OS and trying to understand USB security advices, especially concerning usage of USB keyboards.
Following statements confuse me:
If you connect USB input devices (keyboard and mouse) to a VM, that VM will effectively have control over your system. […] In addition to having control over your system, such a VM can also sniff all the input you enter there (for example, passwords in the case of a USB keyboard).
By “connect USB input devices to a VM”, is the USB qube meant by “VM”? My assumption is, there are two viable ways of connecting USB devices: 1) either to the USB qube - storage devices 2) directly to dom0 - an USB keyboard, otherwise we lock ourselves out of the system.
If the USB keyboard is connected to dom0 and not malicious, any compromised AppVM or an infected USB qube won’t be able to sniff keyboard inputs. So we should be safe and not “lose control over the system”. Am I right here?
Is it possible to embed the USB keyboard inside the USB qube, without locking us out of our own system (docs reference appreciated)? Would this make any sense at all? My assumption so far is, the keyboard is more safe in dom0.
Given I wanted to use a PS/2 keyboard - don’t the protocol stack and drivers have their own risc, when connecting to dom0? Why is it apparently considered to be more safe than USB?