12/20/2023 0 Comments Usb c yubikeyyou have to physically get the yubikey device to attempt any hacks on it). Yubikey's and the like are a high target item, but probably only for government-level adversaries, in general you have to be pretty well funded to attack these things, plus their attack surface is very very small, and most all of the attack surface is physical (i.e. These can be gotten at remotely because these devices have WiFI, bluetooth, etc in them, making them much more accessible remotely. So there is always (and will likely always be) security vulnerabilities in any smartphone, regardless of the brand/vendor/etc. Smartphones are a very high target for everyone, from the FBI on down, and their attack surface is very large. The YubiKey Neo ('large' version, not the 'laptop' version) supports NFC. The issue a YubiKey has is that it can be easier lost than an implant. A YubiKey doesn't suffer from this issue. The problem is that the signal can be intercepted (AFAIK it doesn't use a form of OTP), and the key cannot be easily replaced/revoked. As you can read in the article, its first headline was even in 2001 (to put in perspective this is 15 to 16 years ago). > I would be in favor of an implantable RFID chip or whatever 'better' tech comes around. Arguably, the physical car keys are easier to copy. With car keys, too, you have a backup key. "Honey! I can't find the car keys, have you seen them?" Of course, if the attacker logs in before you revoke the key, you are hosed, but the same would be true in your car analogy. Pretty simple: you use your backup key to revoke the lost key. But what happens when you lose that security token?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |