Some cheap "blue" no-brand dongles don't have USB 3.0 traces:

http://tinyhack.com/2018/05/05/fixing-osmo-fl2k-dongle-that-...

Maiwo KCB003 dongle contains FL2K chip and have USB 3.0 ($15)

https://www.gearbest.com/cables-connectors/pp_1238337.html?w...

Source: https://hackernoon.com/osmo-fl2k-a-15-dtv-transmitter-fm-rad...

You could always check the SHA256 from a separate device on separate network, ie your smartphone.

Original poster is suggesting that if one can change the downloaded file on the source location, then the same person can update the SHA256 string used to "guarantee authenticity". They're not suggesting a MTM style attack where one changes the string mid flight.

Congratulations Ukraine, you invented the guided missile!

Wouldn't 802.11w protected management frames prevent this device from working, as long as the sysadmin has that enabled on their wireless routers?

You can do the exact same thing a pineapple does with a laptop and USB WiFi dongle. Start reading up on how to set up your own evil twin WAP, check Wifi Mana software.

When you can setup an drone pentest lab on your home you know you live in the future!