I was just perusing the Purism store and checking out some updates since my last visit. I was surprised to see a new offering: Librem-flavored power banks.
What caught my eye was the description: “Protect your computers from untrusted, public USB charging ports when you travel by bringing your power with you.”
I agree that this is a valid security risk and the thought is always prevalent in my mind when I’m out traveling. This is one reason why there is a market for “USB condoms” - simple, compact adapters that have connections for power pins but leave out the data lines.
Now, this post is not about the power bank, but is about the Librem 14. I have yet to order one as an upgrade to my Librem 13v4, but I’m noting how it has USB-C PD. Nice. The most natural step towards privacy and security in line with my interpretation of Purism’s mission would seem to be the addition of yet another hardware killswitch immediately adjacent to the USB-C PD port to block the data pins for secure charging capabilities. This would certainly give security-minded users a little more peace-of-mind while working in public environments.
This sadly is not possible, in layman’s terms USB-C PD requires data pins to negotiate how much power the device (L14 for example) wants and how much the charger is able to provide.
Can you disable all USB devices on that USB port, while charging, using a udev rule?
Any change of this nature would have to be optional - because you might be charging through a dock and want working USB data (devices) at the same time.