by monocasa 2744 days ago
Uh yeah, they should have. Random USB sticks (which is how Stuxnet bridged the air gap) are banned for a reason in every secure site I've heard of.

Agreed. Financial institutions I've worked at have blocked unapproved USB devices at a domain level. Want that special keyboard or mouse? Got to have approval. Want to connect your iPod/phone for anything beyond charging? Hell no. Attach a USB mass storage device? Likely be walked out the door fired before you get approval.

Edit: spelling.

Those bans started happening en masse pretty much as a result of Stuxnet. Before that, many places had policies that were lax or nonexistent.
Not sure this is true. Every company at scale I've worked at has had policies banning unapproved USB devices since the early 2000s. It's usually smaller companies that are more susceptible to this, because they don't have the infrastructure.
Really? Maybe it's just a bit of selection bias (not yours) that I didn't see it at the places I came into contact with.
Maybe it is selection bias. Most of my career has been spent in industries sensitive to trade theft (finance, industrial manufacturing). Not sure how difficult it is to do on Linux, but if you're administering a Windows domain, disabling unapproved USB devices can easily be done via group policies.
Nah, I personally know that some secure sites were banning them at least as early as 2006.