KidM to CybersecurityEnglish • 13 days agoYubiKeys are vulnerable to cloning attacks thanks to newly discovered side channelarstechnica.comexternal-linkmessage-square3arrow-up176arrow-down11cross-posted to: [email protected]
arrow-up175arrow-down1external-linkYubiKeys are vulnerable to cloning attacks thanks to newly discovered side channelarstechnica.comKidM to CybersecurityEnglish • 13 days agomessage-square3cross-posted to: [email protected]
minus-square@sun_is_ralinkEnglish32•13 days agoTLDR; the attack is very sophisticated, require hardware access and specialized tools. On the other hand its not possible to patch the vulnerability
minus-square@[email protected]linkfedilinkEnglish4•12 days agoTo add: All YubiKeys running firmware prior to version 5.7—which was released in May and replaces the Infineon cryptolibrary with a custom one—are vulnerable. So if you bought your key from June onward, you are most likely in the clear.
TLDR; the attack is very sophisticated, require hardware access and specialized tools. On the other hand its not possible to patch the vulnerability
To add:
So if you bought your key from June onward, you are most likely in the clear.