If they can't audit software properly I'm not going to assume they can audit hardware properly.
(keep in mind that the use case here is personal tokens and thus personal validation; remote attestation is desirable in other use cases but not really very compelling here)
-
-
- Firmware upgrade over the air... Having an upgradable FW is a must-have in terms of security. - Integrity of code is also a must-have. You can't sell Yubikey like products and asking your customers to load the code using the JTAG...
-
Yubikey does not have firmware upgrade over the air. It's why they keep having to do recalls when they have bugs. This subject is tbh pretty long for Twitter, but suffice it to say that I know people who have though long and hard about this problem and have come up with...
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.