Hacker News new | ask | show | jobs
by TeMPOraL 2852 days ago
> They would have to remote into something even they don't have physical security access into.

Which they do from their... "co issued devices". And in the days of keys over passwords being standard practice (but 2FA not yet), pwning a worker's device can be very useful even if all the real targets are on remote servers.
1 comments
mc32 2852 days ago
I'd be surprised if any of the big tech cos have not deployed U2F.
link
chronid 2852 days ago
You'd be surprised by the number of those USB keys permanently attached to laptops/desktops or left on desks in the offices of the big tech cos. :)
link