if putting a USB stick into a computer is a security risk then this is a failure of the people designing the computer's operating system, not the people putting in a USB stick.
Conversation
This Tweet was deleted by the Tweet author. Learn more
I think you're reinforcing exactly what said. In a well-designed operating system, filesystem drivers run outside the core kernel with an isolated process for each instance. Even for a monolithic kernel where it's not the norm, you don't need to do it for external drives.
1
Nearly all of those code execution vulnerabilities are memory safety issues, which are primarily caused by the choice of programming language. We know how to avoid the vast majority of those bugs for something like a filesystem driver where it easily fits into safe abstractions.
1
If robustness and security were higher priorities, it wouldn't be like this. Monolithic kernels and memory unsafe languages aren't the fault of the user. Neither is having a system without a proper sandboxing / privilege model so that it's game over if they execute something.