YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel(arstechnica.com)

posted 2 months ago

GreenEngineering3475@lemmy.world

hardware@lemmy.world

8 commentshide report

Edit: Yubico has issued a security advisory on the vulnerability https://www.yubico.com/support/security-advisories/ysa-2024-03/

Sort:

Hot Top Controversial New Old

You are viewing a single thread.

View all comments

[ - ]

Alphane Moon@lemmy.worldM

29 points

2 months ago

“The attacker would need physical possession of the YubiKey, Security Key, or YubiHSM, knowledge of the accounts they want to target, and specialized equipment to perform the necessary attack. Depending on the use case, the attacker may also require additional knowledge including username, PIN, account password, or authentication key.”

permalink

report

[ - ]

jelloeater - Ops Mgr@lemmy.world

10 points

2 months ago

Seems like a “blast door” type problem…

permalink

report

parent

[ - ]

𝕸𝖔𝖘𝖘@infosec.pub

4 points

2 months ago

That sounds like the attacker would need to basically already know how to unlock it…

permalink

report

parent

Hardware

!hardware@lemmy.world

Create post

All things related to technology hardware, with a focus on computing hardware.

Rules (Click to Expand):

Follow the Lemmy.world Rules - https://mastodon.world/about
Be kind. No bullying, harassment, racism, sexism etc. against other users.
No Spam, illegal content, or NSFW content.
Please stay on topic, adjacent topics (e.g. software) are fine if they are strongly relevant to technology hardware. Another example would be business news for hardware-focused companies.
Please try and post original sources when possible (as opposed to summaries).
If posting an archived version of the article, please include a URL link to the original article in the body of the post.

Some other hardware communities across Lemmy:

Icon by “icon lauk” under CC BY 3.0

Community stats

1.6K
Monthly active users
1.6K
Posts
2K
Comments

Community stats

Community moderators