I get why general hardwired USB is a security risk. But if you control 100% of the hardware, as with Coldcard, why can't you just support the most limited subset of USB functionality, and not allow it to do anything weird?
Hey slush! We do support USB use, both via E2EE direct HWI and by VirtualDisk emulation; we just don't like it and recommend the better safety of SneakerNet.
The USB spec and implementations are a cluster f.; it's hard to guarantee it (on the host side), and we just don't know what bugs we could have, exposing ppl with the added attack surface.
This presentation goes over my opinion about USB