[waldfee]

If you are paranoid about something like this happening, just use https://www.qubes-os.org/. all usb devices are jailed in a non-networked vm by default.

In general, if what you do warrants that level of paranoia, qubes will help you massively.

Micah Lee held a great overview talk at HOPE 2018: https://www.youtube.com/watch?v=f4U8YbXKwog

[czechdeveloper]

I don't think it solves same problem.

[waldfee]

it does not solve the same problem, correct. it's still a great tool if your threat model warrants it.

[portpecos]

Can you give an example of a threat model that would warrant it?

[smogcutter]

You’re a journalist. Source gives you a usb drive full of documents. Source is in reality hostile/compromised, so is the usb drive.

[kawsper]

How does that work with input devices like keyboard and mouse?

[waldfee]

generally it is advised to use ps2 input (like most laptop's integrated keyboard and touchpad).

details on using usb keyboard and mouse here: https://www.qubes-os.org/doc/usb-qubes/