by fsflover 1951 days ago
> giving an adversary a single device to target

Technically, yes, but how do you target it? It is impossible to extract the private key from it.

By stealing the device.
It's most likely easier to brute force a password than to break into someone's house. Would be easier to demand all credentials at gunpoint with that much effort.
That's a fair point, but that's not the only attack vector. I carry my token around on my keys, which makes it vulnerable to being pickpocketed or just left behind somewhere. I think the original point was that you're just shifting your single authentication factor, not necessarily making it more secure. My key is only used for 2FA, so even if someone were to get access to it, they'd have to know my password as well to get use out of it.
It does not scale.
It doesn't have to scale. If you're the target, they only have to target you.
The overwhelming majority of hacks are dragnet, not targeted.