[BlueZeniX]

Isn't it quite easy to block USB storage devices at the OS level? I mean hiding the stick is clever, but it shouldn't really matter. If you only allow HID devices, the mouse still works without getting access to the data on the stick.

[dandelany]

Yes, but that isn't necessarily a good enough safeguard. See bigiain's comment about the USB Rubber Ducky... It would take more than a simple USB stick, but a device like that could disguise itself as a keyboard or mouse. Even if you blocked new disk volumes or something, a device emulating a keyboard could send keyboard signals to, say, open a terminal and copy files to/from a remote location.

[justincormack]

A keyboard device that sends keystrokes to download malware is mentioned here https://media.blackhat.com/bh-dc-11/Larimer/BlackHat_DC_2011...

Its a good overview of usb malicious devices from the software side.

[wnight]

You could use a keyboard as a data-storage device. Simply cat stdin into a file. That file would be a two-way communication program using the Caps Lock and other status lights for the reverse link. At that point it's as good as a drive, but slower.