Comments by "eDoc2020" (@eDoc2020) on "A Neat Linux Kernel Feature You Will Never Use" video.

  1.  @soulstenance  In addition to some mobos for custom systems, most mid- and higher tier business desktops have a standard pair of PS/2 ports. As an option they're also available with brand-new PS/2 keyboards and mice. This is specifically so USB can be entirely disabled in security-conscious locations.
    3
  2.  @thingsiplay  The vast majority of Bluetooth adapters used in PCs are electrically connected over USB. I'm not talking about rectangular type A connectors but special internal connectors. These are the internal ports option 2 will automatically authorize. One example is the A/E key M.2 slot used in laptops for Wi-Fi/BT.
    3
  3. Yes, it's a weakness if used like that. But the authorization of pluggable devices is done in userspace and can be more advanced. For example maybe only authorize devices if a smart card is inserted.
    2
  4.  @soulstenance  I should add that it has the electrical USB D+/D- lines but you're not going to find a regular rectangular USB connector inside the laptop. It will use a proprietary connector and power is usually a minimally-protected 3.3v instead of the standard well-protected 5v.
    2
  5. Bluetooth adapters are usually connected over USB so they wouldn't be authorized if you use option 0. But keep in mind this means the kernel won't automatically authorize the device, you would likely have a daemon that would auto-authorize your main keyboard and other devices.
    2
  6.  @thingsiplay  Traditional Thunderbolt is PCIe and DisplayPort. I'd imagine modern type C Thunderbolt is mostly the same but it might also be a hybrid of the three. On that note I'm sure USB type C displays wouldn't count as USB.
    2
  7. That's why you lock down the BIOS and use disk encryption if you are concerned about physical attacks.
    1
  8. It's authorized by a userspace daemon which can be programmed with whatever mechanism desired. I would expect that setups used for desktop systems would always allow at least one keyboard so you could always login.
    1
  9. That's how most BadUSB devices work.
    1
  10. Yes, standard charging would still work.
    1
  11. Root hub is a virtual construct that contains all of the physical ports. If you disable the root hub all of the ports are disabled. Internal is pretty obvious, anything inside the computer. Things like webcams, fingerprint readers, smart card readers, and Bluetooth adapters connect through USB.
    1
  12. I also like AoE but iSCSI has more features and is probably faster in most cases.
    1
  13. On a desktop the most likely internal USB device would be a Bluetooth adapter if so equipped. On a laptop the webcam is almost always USB. Fingerprint readers and smart card readers (common on business laptops) are usually also USB based. The kernel knows which devices are internal because the system firmware (supposedly) says so.
    1