|
|
|
|
|
|
by lxgr
1022 days ago
|
|
|
The button of a Yubikey doesn't add as much security as you might think: Since you don't know what you are actually confirming (due to the lack of a display), what prevents an attacker with control over your OS to just wait until you want to confirm something legitimate and then front-run that request? |
|
|