Added smart keyboard interaction. Prevents users from unlocking thems…

[Thorsten-Sick]

…elves on total keyboard destruction by coffee.

Some things do not yet work as expected. So there is a wishlist:

• Make it configurable (config dialog is next on my todo)
• Ubuntu screensaver does not display the notification or any hints....the UI experience of this feature could be better with that.

[6E006B]

While looking through the code I might have found a problem with the proposed implementation: If you automatically enable the device if it is plugged in, if it has a configuration containing device class 0x3 (HID), that also means, that you activate all other configurations (and therefore device classes) as well. Therefore attacks based on any other device class is enabled through this kind of behavior. A possible work around could be to check if it is the only type of device class the USB device has. Selectively enabling only the HID configuration is not possible as far as I know.

[Thorsten-Sick]

You are right. And there is no selective approach. What if: We automatically activate HID-ONLY devices ? As soon as it is a bit smarter and offers other features it will not be added automatically.

In the case of broken keyboard: User will have to get a simple replacement keyboard.

[Thorsten-Sick]

Changed the logic to only accept pure keyboards

[6E006B]

As a feature request I would like to propose to check if the screen is actually locked before allowing the device. For one to circumvent race conditions and also, if the user does not use a lock screen application listening for dbus events, the device is not enabled with no lock screen in place at all. You think this can be added easily or should this be handled in a different branch?

[Thorsten-Sick]

I'll add this today. The sleep was meant to give the user the opportunity to notify the notification. As the lock screen does not show notifications (yes, I know, dirty hack).

As for race conditions with the attack: When inserting a BashBunny it needs some seconds to boot. After that it registers as a keyboard and after some (configurable) seconds it starts to attack. If the keyboard is not registered until the attack starts the attack will evaporate. User is protected. So there is a race condition, but a good one. Just sad that the attack delay in the BashBunny can be configured....or it would be a simple mitigation (not perfect but ok).

[Thorsten-Sick]

Fixed it to using events (screensaver lock) to activate the devices. Can be pulled now (IMHO).