Hacker News new | ask | show | jobs
by jhnct 1573 days ago
My yubikeys were sent in an envelope identifying its content, I thought it wasn't a smart move at the time :/.
1 comments
sascha_sl 1573 days ago
If you're at risk...

Yubikeys are exceptionally bad targets to intercept and modify if someone wants to send you an implant. It's more likely they'll get you with the next mass storage device or data cable you buy on Amazon.

link
kingcharles 1573 days ago
You'd have to be an NSA-level target for them to take a Yubikey out of the mail stream and modify it. And at that point you're going to have all sorts of worse things to worry about.
link
jhnct 1573 days ago
Totally agree, anything with a (big) firmware or mass storage looks like a better device to compromise.
link