56
YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel
(arstechnica.com)
this post was submitted on 03 Sep 2024
56 points (95.2% liked)
Hardware
480 readers
84 users here now
All things related to technology hardware, with a focus on computing hardware.
Rules (Click to Expand):
-
Follow the Lemmy.world Rules - https://mastodon.world/about
-
Be kind. No bullying, harassment, racism, sexism etc. against other users.
-
No Spam, illegal content, or NSFW content.
-
Please stay on topic, adjacent topics (e.g. software) are fine if they are strongly relevant to technology hardware. Another example would be business news for hardware-focused companies.
-
Please try and post original sources when possible (as opposed to summaries).
-
If posting an archived version of the article, please include a URL link to the original article in the body of the post.
Some other hardware communities across Lemmy:
- AMD
- Gaming Laptops
- Laptops
- History of Computing Hardware
- Linux Hardware
- Mechanical Keyboards
- Microcontrollers
- Monitors
- Single Board Computers
Icon by "icon lauk" under CC BY 3.0
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Its not much of a vulnerability, like locks, its not if it can be picked, it is how difficult it is to be picked, but the difference here is that the vulnerability is that a nation state actor, or a high capability actor can compromise it, and "it" being the thing that keeps your accounts safe.
So this is like the lock that protects all your accounts can be shimmed if it ever gets out of your control type of an issue, so not to stop using them, but to keep them secured or on your person at all times.
I hope YubiKey offers a fair upgrade program for their next series of keys and maybe a new FIDO Standard.