Some thoughts on the YubiKey EUCLEAK Vulnerability
cyb hacking yubikey · 4 comments · 800 words · Viewed ~474 times
It looks like everyone's favourite FIDO token provider might have an unpatchable vulnerability! Much Sturm und Drang from the usual sources. But how bad is it really? Not so bad - but it does expose some weaknesses in the very idea of having physical tokens. First up, as the research paper's abstract says: The attack requires physical access to the secure element So, straight off the bat,…
Continue reading →