Comment by pdkl95

Not only should it not have direct access to hardware[1], important data such as private keys shouldn't even be directly accessible by any part of the browser. We've known how to keep keys in their own management process for a long time (e.g. pgp-agent, ssh-agent).

[1] Putting USB anywhere near the web may be the stupidest idea I've ever heard. Attempts to add USB access to the browser should be seen as an attack. A camera or microphone can be a serious security problems, but failures in those features can (at least theoretically) be limited to features related to a specific hardware. Failures related to the USB buss can grant access to a lot of hardware that was never designed for security.