
Comment by chillfox

6 hours ago

ok, let me expand on why I don't like it...

It's making a niche rarely done use case safer at the cost of making the common case (browsing the web) less safe.

And yes, I am fully aware that I can not press the button that gives random sites access... But the issue is it increases the attack surface and is yet another thing that I could get tricked by on a bad day.

The OS should really be able to run code like a firmware flash utility in a sandbox that only has access to one USB device... But instead of improving the OS we keep adding features to the browser which increases the attack surface.

I have a very long list of things I am unhappy about the OS allowing just any app to do, especially app installers/uninstallers should not be a thing.

If you're worried about that, you can just disable WebUSB in the Chrome settings. Any website will be denied access to that API from now on. And what's even better: you can selectively enable WebUSB for some websites.

That's what I do and that's what I suggest for any security-conscious user to do. Just explore Chromium settings, there are dozens of various APIs that could be disabled. Do you need Web MIDI? I don't. Disable.

Won't work as a default setting for the average user for sure, but if you consider yourself an advanced user, do that.
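
Added example, not part of either comment: the "block by default, allow per site" setup described above can also be enforced through Chrome's enterprise policies instead of the settings UI, and this sketch audits such a policy for WebUSB and, going beyond the comment, for the Serial and WebHID equivalents. The sample policies and `example.com` hosts are constructed, and the `audit` helper is hypothetical; Web MIDI is not covered.

```python
import json

# Chrome policy values for the Default*GuardSetting policies: 2 = block, 3 = ask.
BLOCK = 2
# default-setting policy -> per-site "may ask" allowlist policy
GUARDS = {
    "DefaultWebUsbGuardSetting": "WebUsbAskForUrls",
    "DefaultSerialGuardSetting": "SerialAskForUrls",
    "DefaultWebHidGuardSetting": "WebHidAskForUrls",
}

def audit(policy):
    """Return a list of findings; an empty list means default-deny with a tight allowlist."""
    findings = []
    for guard, allowlist in GUARDS.items():
        if policy.get(guard) != BLOCK:
            findings.append(f"{guard}: not enforced as block, sites may prompt")
        for pattern in policy.get(allowlist, []):
            if "*" in pattern:
                # "[*.]host" and "*" both widen the allowlist beyond one origin
                findings.append(f"{allowlist}: wildcard entry {pattern!r}")
            elif not pattern.startswith("https://"):
                # a pattern without a scheme matches http as well
                findings.append(f"{allowlist}: {pattern!r} is not pinned to https")
    return findings

# Constructed sample policies (example.com stands in for a site you trust).
PERMISSIVE = json.loads('''{
  "DefaultWebUsbGuardSetting": 3,
  "WebUsbAskForUrls": ["[*.]example.com"]
}''')
HARDENED = json.loads('''{
  "DefaultWebUsbGuardSetting": 2,
  "DefaultSerialGuardSetting": 2,
  "DefaultWebHidGuardSetting": 2,
  "WebUsbAskForUrls": ["https://flasher.example.com"]
}''')

if __name__ == "__main__":
    for name, pol in (("permissive", PERMISSIVE), ("hardened", HARDENED)):
        print(name, audit(pol) or "ok")
```
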