I mean therein lies the problem. If you remove mass storage devices but allow cds then that’s just a different attack vector to exploit. You could potentially make it so there is no way to interface with any kind of storage but then when someone finds a way to break things open with a hid device you now have no practical way to fix the issue (plus working with the machine will be a nightmare)
I mean therein lies the problem. If you remove mass storage devices but allow cds then that’s just a different attack vector to exploit. You could potentially make it so there is no way to interface with any kind of storage but then when someone finds a way to break things open with a hid device you now have no practical way to fix the issue (plus working with the machine will be a nightmare)