|
|
|
|
|
|
by stebalien
649 days ago
|
|
|
This attack doesn't allow anyone to, e.g., bypass any PINs you may have set on your yubikey. It allows an attacker to extract your keys if and only if they can already use your yubikey. From what I can tell, the risk is: 1. Someone takes your yubikey without your knowledge. 2. They manage to disassemble it, extract your key, and put it back together. 3. They secretly return your yubikey. 4. You continue to use your yubikey, unaware of the fact that it has been compromised. |
|
|