So I hand you a malicious USB stick, you plug it in, the computer asks you to unplug it and plug it back in. You do so, because you trust the USB stick (why wouldn't you, free USB stick!).
Maybe it would be better to make you type some characters on the keyboard. Similar tricks with outher human interface devices. That way the user physically can't do it with fake USB sticks.
It would require that all these devices have at least some basic functionality with only some standard drivers. I don't know how true that is right now.
What? No, the operating-system is responsible for the dialog, and it would be saying something like:
"The following USB device has requested direct control over your mouse and keyboard inputs. Do you want to grant it access?"
"Note: If you are unable to interact with your computer, please wait X seconds for emergency instructions on how to enable this device."
You can't make anything totally idiot-proof, but a lot of people will be surprised/scared when a very unusual and seldom-seen dialog pops up when they plug in a particular misbehaving memory stick.
