Hacker News

You're joking, right?



The vulnerability, as another commenter mentions, is extremely hard to exploit and requires both physical access and the specific accounts to clone the key for.

That may be too much of a risk for enterprises, but as a personal security key? That seems like a completely reasonable choice to make.


A yubikey vulnerable to this attack perfectly protects against phishing, which is the attack the 99.9% of us have a practical reason to worry about.

Not all vulnerabilities are equal.


But so does a software password manager supporting passkeys – at a much lower price.


But a software password manager on a compromised computer can be compromised, right? It feels like the secrets can't be extracted by a compromised computer: the attacker needs physical access to the Yubikey.

This sounds better than a software password manager, right? Or am I missing something?


Definitely, but GP mentioned

> [...] phishing, which is the attack the 99.9% of us have a practical reason to worry about [...]

Both physical and software authenticators protect just fine against that.
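The reason both kinds of authenticator hold up against phishing is origin binding: the browser, not the web page, writes the origin into the signed clientDataJSON, and the relying party rejects any assertion whose origin or RP ID hash does not match its own. The following is an added example (not code from this thread or from Yubico) that implements those WebAuthn relying-party checks on constructed sample data; the origins, challenge and the `check_assertion` helper are assumptions, and the signature verification step is left out to keep the block self-contained.

```python
import hashlib
import json

# Constructed sample values (not from the thread): the site the user actually
# registered with, and the RP ID it is scoped to.
EXPECTED_ORIGIN = "https://login.example.com"
EXPECTED_RP_ID = "example.com"
SAMPLE_CHALLENGE = "c29tZS1yYW5kb20tY2hhbGxlbmdl"  # constructed, normally random per login


def make_client_data(origin, challenge):
    """Builds the clientDataJSON a browser would produce for an assertion (constructed)."""
    return json.dumps(
        {"type": "webauthn.get", "challenge": challenge, "origin": origin}
    ).encode()


def make_authenticator_data(rp_id, user_present=True):
    """First 37 bytes of authenticatorData: rpIdHash (32) || flags (1) || signCount (4)."""
    flags = 0x01 if user_present else 0x00
    return hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + (0).to_bytes(4, "big")


def check_assertion(client_data_json, authenticator_data, expected_challenge,
                    expected_origin=EXPECTED_ORIGIN, expected_rp_id=EXPECTED_RP_ID):
    """Relying-party checks on type, challenge, origin, rpIdHash and user presence.

    Returns (ok, reason). The signature over authenticatorData || sha256(clientDataJSON)
    would be verified after these checks pass; it is omitted here (assumption: hypothetical helper).
    """
    try:
        cd = json.loads(client_data_json)
    except ValueError:
        return False, "clientDataJSON is not valid JSON"
    if cd.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if cd.get("challenge") != expected_challenge:
        return False, "challenge mismatch (replayed or stale assertion)"
    # The browser fills in the origin; a look-alike site cannot forge this field.
    if cd.get("origin") != expected_origin:
        return False, "origin mismatch: " + str(cd.get("origin"))
    if len(authenticator_data) < 37:
        return False, "authenticatorData too short"
    if authenticator_data[:32] != hashlib.sha256(expected_rp_id.encode()).digest():
        return False, "rpIdHash mismatch"
    if not authenticator_data[32] & 0x01:
        return False, "user presence flag not set"
    return True, "ok"


def demo():
    """Runs a genuine login and a constructed look-alike-domain attempt through the checks."""
    auth_data = make_authenticator_data(EXPECTED_RP_ID)
    genuine = check_assertion(
        make_client_data(EXPECTED_ORIGIN, SAMPLE_CHALLENGE), auth_data, SAMPLE_CHALLENGE
    )
    # Constructed phishing origin: the browser would record this origin, so the RP rejects it.
    lookalike = check_assertion(
        make_client_data("https://login.example-com.net", SAMPLE_CHALLENGE),
        auth_data,
        SAMPLE_CHALLENGE,
    )
    return genuine, lookalike


if __name__ == "__main__":
    for label, result in zip(("genuine", "look-alike"), demo()):
        print(label, result)
```

In a real deployment the browser would also refuse to use an RP ID that is not a registrable suffix of the page's origin, so the look-alike site could not even trigger the authenticator for the genuine credential; the server-side check above is the second line of defence that applies equally to a hardware key and to a software passkey.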


But lesser convenience and with more hassle.


You're right: a physical security key is a lesser convenience with more hassle than a personal password manager in my case.


No, I'm not. I've got a bunch of yubikeys locked in lockboxes when they're not in use, serving as trust anchors for internal PKI, but also using certificate logging. If one is compromised, there's a short window until it's known, and access to the box has a very small group of people. My threat model does not include "Insider under the watchful eye of two other insiders"


> My threat model does not include "Insider under the watchful eye of two other insiders"

Some Mastodon infosec grifter is going to name this "Insider Triple Threat".


The attack is local, limited, and requires sophistication to pull off. For most people and most use-cases, this is a theoretical vulnerability rather than a real one.

While some users may need to buy updated YKs, perhaps having a tier of discounted "vulnerable" new old stock and more expensive patched new stock would make the most economic and utility sense.


If he understands the risks and deems those manageable according to their threat model, I don't see a problem.



