Agree. Specifically generally speaking it’s an untrustworthy system and practical might be malicious via the file, usb-firmware, might be connected to high voltage line, etc.
Do think though as a social experiment they’re fun as long as you’re only using throwaway systems/devices.
Beyond that, personally would not suggest damaging property, but instead affixing USB to padlock like this:
All and all, basically same as geocaching [1] — which obviously could be dangerous if someone wanted to be malicious, but never heard of that happening; have heard of malicious USB dead drops though.
A safer alternative would be something like a piratebox (https://piratebox.cc/) instead of a USB dead drop, since a piratebox would have no physical connection to your computer.
I keep being annoyed that Piratebox, Internetinabox, Othernet, aren't all the same project. Like of course an IIAB node should include a messageboard. Of course an Othernet node should have support for offline payload bundles and user uploads. Of course a Toosheh bundle on newly-inserted storage media should be automatically extracted and presented in the interface...
If I ever grow some more software clue, I'll be trying to unify all of the above into a single interface. Wish me luck.
Toosheh being a “satellite filecasting technology deployed in Iran and the Middle East that uses common satellite equipment to deliver digital content without relying on access to the Internet” per Wikipedia:
That said, unlike cheap and replaceable USB sticks, they’re easy to find using RF analysis. As such, unless it’s physically secured, likely quickly be stolen. Also likely require a power source and weather proofing.
This website been around since at least 2010, but number of the drops listed were physically removed, but not delisted from the site:
https://www.deaddrops.com/