You can't blame the USB ports entirely... I mean, yes, it's insane he can force requests that trick your machine into dumping unencrypted cookies, but remember this intercepts and modifies unencrypted traffic, which any packet sniffer or upstream provider (router, ISP, et al) can already see/modify.

So even if you follow Samy's recommendation of putting cement on your USB ports, [0] you're still vulnerable to injection and interception.

Moral of the story: encrypt all the things.

[0]: https://github.com/samyk/poisontap#desktop-security