[cheerlessbog]

How would you approve the keyboard without using the keyboard?

Anyway since we are assuming physical access, they could just swap out your keyboard for one that works normally until you go for lunch, then starts typing for itself..

[wmf]

The OS could display a random sequence of keys that you have to press to enable the keyboard. If the evil cable can't see the screen it wouldn't know what keys to transmit.

This is not a serious suggestion since it would be annoying to most people.

[DaiPlusPlus]

No more annoying than Bluetooth pairing PINs or iOS's passcode-to-use-USB prompts. If the keyboard has secure stateful memory (e.g. for a client-certificate or client-secret) then the user would only have to enter it once.

[DaiPlusPlus]

> How would you approve the keyboard without using the keyboard?

On laptops the built-in mouse and keyboard would be "trusted".

On desktops and servers, I can think of a couple of strategies:

* Always trust keyboards only when plugged into certain USB ports (e.g. ports on the front of the computer highly visible to the computer's operator) * Mutual keyboard/host authentication and encryption.