So their vision of the future is that to do anything online, one MUST have a phone (ahem, portable wiretap)? And they're going to be keeping my secrets for me, for my own good?
It's literally the opposite. You "must" have a cryptographic device (a dongle) that is only doing that one thing, authentication. Doesn't have a built in radio (unless for NFC, if you want it), doesn't have any microphone or camera, doesn't store any data beyond what's needed to authenticate, doesn't communicate except to authenticate - bi-directionally, so phishing is no longer a thing, or at least it's a lot harder.
It's very hard to make a privacy case against FIDO. Practically speaking it's one of the best things that happened to privacy&security since the invention of asymmetric cryptography. The deployment of this tech reduces phishing effectiveness to near zero, or in many cases literally zero.
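As an added example (not code from anyone in this thread), the Go sketch below models the origin binding that gives FIDO/WebAuthn its phishing resistance: the browser only asks the authenticator for a credential whose rpID matches the page's real origin, that origin is recorded in the signed client data, and the relying party rejects anything signed for a different origin or challenge. The names `Authenticator`, `BrowserGet` and `Verify` and the simplified clientData layout are assumptions for illustration; real authenticators use CBOR/COSE encodings and browsers also accept a registrable parent domain as rpID.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"net/url"
)

// Constructed stand-in for a FIDO2 authenticator: one P-256 key per relying party ID (rpID), nothing else.
type Authenticator struct{ keys map[string]*ecdsa.PrivateKey }
func NewAuthenticator() *Authenticator { return &Authenticator{keys: map[string]*ecdsa.PrivateKey{}} }
// Register creates a credential scoped to rpID and hands the relying party only the public key.
func (a *Authenticator) Register(rpID string) *ecdsa.PublicKey {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	a.keys[rpID] = k
	return &k.PublicKey
}
// clientData mirrors WebAuthn's CollectedClientData; the browser, not the web page, fills in Origin.
type clientData struct{ Type, Challenge, Origin string }
// signedHash is what the authenticator signs: authData || SHA-256(clientDataJSON).
func signedHash(authData, cd []byte) []byte {
	ch := sha256.Sum256(cd)
	m := sha256.Sum256(append(append([]byte{}, authData...), ch[:]...))
	return m[:]
}
// BrowserGet mimics navigator.credentials.get(): rpID must match the page's real origin, that origin goes
// into clientData, and the authenticator signs only with a key bound to that rpID.
func BrowserGet(a *Authenticator, origin, rpID, challenge string) (cd, authData, sig []byte, ok bool) {
	u, err := url.Parse(origin)
	k, found := a.keys[rpID]
	if err != nil || u.Hostname() != rpID || !found {
		return nil, nil, nil, false
	}
	cd, _ = json.Marshal(clientData{"webauthn.get", challenge, origin})
	h := sha256.Sum256([]byte(rpID))
	authData = append(h[:], 0x01) // rpIdHash || flags (user present)
	sig, _ = ecdsa.SignASN1(rand.Reader, k, signedHash(authData, cd))
	return cd, authData, sig, true
}
// Verify is the relying-party check: type, challenge and origin in clientData, rpIdHash, then the signature.
func Verify(pub *ecdsa.PublicKey, origin, rpID, challenge string, cd, authData, sig []byte) bool {
	var c clientData
	want := sha256.Sum256([]byte(rpID))
	return json.Unmarshal(cd, &c) == nil && c.Type == "webauthn.get" && c.Challenge == challenge &&
		c.Origin == origin && len(authData) >= 33 && bytes.Equal(authData[:32], want[:]) &&
		ecdsa.VerifyASN1(pub, signedHash(authData, cd), sig)
}
```

A look-alike site at a different origin never receives the bank's credential from the browser, and an assertion it might relay or edit fails the origin, challenge or signature check at the relying party.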
> It's very hard to make a privacy case against FIDO.
With username and password, I have full control over my privacy in a very easy to understand fashion: If I randomly generate them I know I cannot be tracked (as long as I ensure my browser doesn't allow it by other means).
With those keys I have an opaque piece of hardware which transfers an opaque set of data to each website I use and I have NO idea what data that is because I do not manually type it in. I need to trust the hardware.
Sure, I could read the standard, but it very likely is complex enough that it is impossible to understand and trust for someone who has no crypto background.
And I also have no guarantee that the hardware obeys the standard. It might violate it in a way which makes tracking possible. Which is rather likely, because why else would big tech companies push this if it didn't benefit them in some way?
> Which is rather likely, because why else would big tech companies push this if it didn't benefit them in some way?
They switched to this internally a long time ago which basically eliminated phishing attacks against employees. There are security teams inside those megacorps that have a general objective of reducing the number of account takeovers, and non-trivial resources to accomplish that. Not everything is a conspiracy.
Also, I am sure you will be able to stick to just passwords for a pretty long time while the world moves on to cryptographic authentication. I'm not being sarcastic here.
Yes, they also track the behavior of their employees. It is security for them and not for the user in many cases. In a perfect world those incentives align but they don't have to.
With your password manager, you're trusting a lot more: the software of the OS and kernel, the software of the browser and its dependencies, the software of your password generator and your password storage. You also have to hope the developers and administrators of the website you're signing in to aren't storing your passwords in plain text (and I don't just mean in the database - overly-aggressive APM/logging might be storing POST request data in a log stream somewhere).
The only attack that's an issue for both passwords and security key-based sign-in is targeted attacks against a website, where they use your browser to execute malicious API calls to the website after you've signed in regularly.
I'm not familiar with FIDO, but passwords place a lot of effort on the user (must avoid repeating them, must avoid simple sequences, etc). After years of warnings, this has barely changed - people use lousy passwords and repeat them.
So I'm all up for considering different approaches.
No. Google's power to lock people out of their website is already here with the prevalence of 'Sign in with Google'.
FIDO is unrelated; it works by having the browser/device itself sync the virtual security keys[0], much in the same way they sync passwords currently. That's the only thing changing here, giving people the choice (and encouraging them) to sign in via "what you have" instead of "what you know".
I doubt they'll do away with tools like smart cards or Yubikeys any time soon. Laptops and modern computers also contain a TPM so you don't necessarily need to have a phone for secrets storage.
If push comes to shove, I'm sure someone will develop a lightweight Android emulation layer you can run in the cloud that pretends to be a phone enough that you can use it.
> Laptops and modern computers also contains a TPM
The root of trust for which extends to who knows where, and you're not allowed to look at the source code or learn how it works because that would threaten Hollywood's profit margins.
We're basically building a system of DRM for access to human beings, and making the whole world dependent on these unaccountable entities.
TPMs allow for arbitrary key storage by the operating system. They're not necessary for DRM. In fact, I've wiped my TPM several times to upgrade the firmware and I've had no trouble playing DRM content whatsoever.
Technologies like Intel's management engine and SGX or their AMD/Qualcomm/Apple counterparts are definitely problematic for user freedom in the way they're implemented. However, the TPM system itself is quite neutral: usually, you can clear it from the UEFI, lock it with a password (though that might need to be done from the OS) leaving whatever hostile OS you may run unable to exert any control on the device whatsoever.
I'm personally a big fan of technologies like TPMs and secure boot as long as they're user configurable. I want to be able to install my own keys and force the system to only boot operating systems of my choice. Secure boot with just the MS keys is quite silly and ever since that one version of Grub could be exploited it's basically useless; secure boot with user or enterprise keys can be an incredible tool for defence in depth, for example when visiting countries where border agents may try to gain access to your data without your permission or knowledge (China, USA, etc.).
If I had my way, I'd use Coreboot together with Secure Boot, with encryption keys stored in a TPM, the transfer of which goes through an encrypted channel (a feature of TPM 2.0 that nobody uses) after unlocking it with a password. Sadly, most Linux OS developers have a grudge against these technologies because they're used by companies such as Microsoft and Apple to reduce user freedom on some of their devices.
The user-hostile part of the TPM is the built-in key signed by the manufacturer which shows that it's an "approved" TPM which won't—for example—release any of the keys stored inside to the device's owner. This is what allows the TPM to be used as part of a DRM scheme.
If it weren't for that small detail then I would agree that TPMs can be useful for secure key storage and the like, working for the device's owner and not against them. The actually useful (to the owner) parts of the TPM do not require the manufacturer's signature.
It enables it, but that's just because both you, the device user, and M$ and the rest of the media industry, need to ensure the TPM inside the processor is genuinely from the manufacturer. You wouldn't want to use a TPM if an attack vector is one where China (who is a large part of the supply chain) can poison a large amount of TPM shipments with their own key that can be used to export or otherwise access internally-stored keys.
If your threat model is "China has backdoored your TPM" then making the TPM more opaque and unauditable doesn't improve the situation. How would you know if your TPM is lying and pretending to still have the original key when actually it has a replacement Chinese one?
Is there a way to list this blacklist? I have several computers which haven't received updates in years and I strongly doubt that the internal blacklist has been updated.
Which is a pretty big security threat that is constantly ignored. It just isn't acknowledged when people talk positively about TPM even if remote attestation is completely built-in by now. Security for whom becomes the question here.
My vision of future authentication (shared by colleagues in security) is based on strong hardware credentials and additional layer-7 context about identity, device and location. Basically, more identification of you and your browser using cryptographically-guaranteed and immutable events. It is actually the deprecation of passwords altogether and generally moving the trust boundary away from the control of the user entirely. I also don't enjoy it, but it would solve a lot of current problems we see in information security.
I don't know if you're being sarcastic, but your vision sounds like a nightmare and not very far removed from Gattaca.
> moving the trust boundary away from the control of the user entirely. I also don't enjoy it, but it would solve a lot of current problems we see in information security.
Every despot throughout history has noted that freedom can be traded for security, but I thought that most of us would agree that freedom is more important.
Society is replete with trade-offs sacrificing freedom for collective security. You can make moral judgements about this all day, but it won't change the dynamics of our lives.
Every technology is a double-edged sword. Like firearms, security controls can be used to guarantee peace and freedom or wage war and distress. The responsibility is with the administrator of that tool, not the tool itself.
Doesn’t require phone? Supported by desktop browsers also. Third party “auth managers” should be possible — likely integrated into existing password managers?