ice-d

Thank you for the very helpful information. This releaves a lot of anxiety about this particular area of security. appreciate you guys taking the time to answer my question. My worry was that a usb keyboard acquired on Amazon, could potentially log keystrokes and then send this to a remote attacker. I was leaning in the direction of a test bench of some kind, and using usbcap or something to capture traffic from the questionable device. My hypothesis, is that the piece that would make this challenging, is that the malicious activity would only happen if it were triggered in some way, remotely or by local activity. Not just naively running some code when powered on. Hence, why people have a full career in the subject, likely.

I bought a couple of the "Malicious Cable Detector by O.MG" connectors, and would also like to know what a good process could be done (if possible) to validate that a usb attached device, such as a keyboard, mouse or wifi adapter doesn't contain malware of some kind or an exploit. Sorry if this is a repeat question on an existing topic. My current hypothesis is that I may need to setup a test bench of some kind and run X Y and Z tools... help please?