[georgyo]

He mentions yubikey in the title, but then nowhere else. The Yubikey Neo seems to be pretty close to his target device. The Yubikey 4 removed the ability to write new apps.

The stuff about the NDA I do find alarming. In order to write "secure" programs for the chip on the Yubikey, you must have an NDA with the manufacturer. In fact the open source pgpcard app for the Yubikey is different than what ships with the Yubikey because they can't open source the secure bits. Which is a bit upsetting. So uploading the open source version weakens your security.

That said, having my keys there still gives me much higher degree of security then an encrypted file on my computer. Malware may be able to get my pin, but not my keys.

[closeparen]

When I dug into the smart card scene, it was clearly a world meant for enterprises that make deals on golf courses. The official specs, SDKs, etc. for the hardware is sold for many thousands under "call us" licensing and NDA from NXP. There's some working GPG applets but the open source PKI applets are all abandonware; you're meant to license one (Windows only, of course) from Gemalto, also a "call us" deal.

I've seen some references to anti-side-channel techniques that are trade secret or patented or both. I think you can only get them in a Windows-based "solution" deployed by consultants who are authorized resellers of these companies.

Yubikey has done an incredible thing in democratizing the technology as far as they have for smaller-scale, Linux and Mac-centric users. It's shitty, but don't blame Yubikey.

[subway]

Only the dev version of the Neo supported altering apps on the device. Later versions were locked -- causing Yubico to issue replacement devices when it was discovered their GPG applet contained a vulnerability a couple years ago.