[dandelany]

Yes, but that isn't necessarily a good enough safeguard. See bigiain's comment about the USB Rubber Ducky... It would take more than a simple USB stick, but a device like that could disguise itself as a keyboard or mouse. Even if you blocked new disk volumes or something, a device emulating a keyboard could send keyboard signals to, say, open a terminal and copy files to/from a remote location.

[justincormack]

A keyboard device that sends keystrokes to download malware is mentioned here https://media.blackhat.com/bh-dc-11/Larimer/BlackHat_DC_2011...

Its a good overview of usb malicious devices from the software side.

[wnight]

You could use a keyboard as a data-storage device. Simply cat stdin into a file. That file would be a two-way communication program using the Caps Lock and other status lights for the reverse link. At that point it's as good as a drive, but slower.