PSA: Yubikeys manufactured before March 2024 are to be considered brokenhttps://www.yubico.com/support/security-advisories/ysa-2024-03/
-
PSA: Yubikeys manufactured before March 2024 are to be considered broken
https://www.yubico.com/support/security-advisories/ysa-2024-03/ -
Jan Wildeboer 😷:krulorange:replied to madonius last edited by
@madonius @nina_kali_nina Weird that the researchers that found the exploit don’t agree. At all: „Thus, as far as the work presented here goes, it is still safer to use your YubiKey or other impacted products as FIDO hardware authentication token to sign in to applications rather than not using one.„ https://ninjalab.io/eucleak/
-
Nina Kalininareplied to Jan Wildeboer 😷:krulorange: last edited by
@jwildeboer @madonius it is not weird at all! Having a FIDO is super important for security, but now you have to worry that it might be compromised if it leaves your hands.
-
Jan Wildeboer 😷:krulorange:replied to Nina Kalinina last edited by
@nina_kali_nina @madonius In the hands of someone that has equipment worth around 11000€ at his/her/their disposal. How would you calculate the probability of that happening to you?