i find it really interesting that, while making a lock that resists picking by -doing nothing- is pretty complex and expensive, making a lock that resists picking by -permanently failing closed- is damn near trivial
Conversation
it's interesting because, observing that almost no locks on the market use trap pins (based on some quick googling), one can conclude that people value availability much more than security, in general
6
13
61
most locks aren't security devices! they're... availability devices. they must provide high availability for you and slightly lower availability for everyone else. but not much lower or they become bad
Quote Tweet
Replying to @whitequark
I think "locksmith can just pick it for you so you can get your keys" is a much more important usecase than preventing a sneaky home burglary
3
11
61
anyway, apply this thinking to infosec and you'll understand why i consider personal (non-enterprise) use of HSMs like Yubikey hard to justify (* see caveat). they focus on security but availability is generally more important, and it's so easy to lose or break them
3
4
30
Replying to
Trezor Model T can be used for U2F / SSH / GPG in addition to the baseline wallet functionality, and it provides a proper recovery mechanism. It has an implementation of backing up and restoring the seed phrase by writing it down without exposing it to a general purpose computer.
You aren't locked in to the specific hardware for recovery either, and there's an official software emulator for the device. There are other compatible hardware implementations too, although U2F/SSH/GPG support based on the BIP39 seed is less portable than wallet functionality.
1
1
github.com/romanz/trezor- supports 4 hardware wallets in a portable way right now. I'm unsure on whether the Ledger and KeepKey U2F implementations are fully interoperable, but the Trezor firmware and board design is open source + there's a software emulator so there's no lock in.
2
2
Show replies