Articles say Ubuntu is secure because root is locked and a hacker can’t guess your userID and usb security password, so I’m wondering if I lose that benefit by continuing to run with the default.
Many also use serial cables to avoid DMA risk. Certain modifications must be made but the drivers are so simple to modify. I used an IDE because it had working drivers in about every OS, is cheap, secure usb can operate in non-DMA mode, and is over 100 times faster than serial. My recent work is basically a dedicated chip (or PCI board) containing and running only what I determine to be trustworthy.
It does underline the idea that only Free or at least open-source software is trustworthy from a security perspective. I would think that readers of this blog would already have received that memo. Non-free and proprietary firmwares usb access control are a problem in general, and not solely in USB land or relating to this specific class of vulnerability. This means the same U2F-enabled YubiKey you use for Gmail or Google Apps can be used with your GitHub and Dropbox accounts.