nixCraft 🐧 on Nostr: Are you using YubiKey 5 Series with firmware version below 5.7 as FIDO hardware ...
Are you using YubiKey 5 Series with firmware version below 5.7 as FIDO hardware tokens (2FA)? There is a bad news for all users. YubiKeys are vulnerable to side channel attach and there is no firmware update possible to fix this issue. The attack is difficult to carry out as it requires physical access to your key and specialised equipment.
https://ninjalab.io/eucleak/Published at
2024-09-04 10:10:54Event JSON
{
"id": "812dbb18c575683b5b17a267839445dac8eef89fb3380b5353ae79270ff58db9",
"pubkey": "9d6742ff43235eb568c0bc55fa8acf7e004ca06a7c9e0c3da2b089a098b769b9",
"created_at": 1725444654,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/@nixCraft/113078740857472668",
"web"
],
[
"proxy",
"https://mastodon.social/users/nixCraft/statuses/113078740857472668",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mastodon.social/users/nixCraft/statuses/113078740857472668",
"pink.momostr"
],
[
"-"
]
],
"content": "Are you using YubiKey 5 Series with firmware version below 5.7 as FIDO hardware tokens (2FA)? There is a bad news for all users. YubiKeys are vulnerable to side channel attach and there is no firmware update possible to fix this issue. The attack is difficult to carry out as it requires physical access to your key and specialised equipment. https://ninjalab.io/eucleak/",
"sig": "8d61138eb78e4d4d75c949843f7edb74a7257c92541ddc07757a7034704a751c77ccacb51774d29499e69b4d5be7967c925c164b913a39f8440a5d12f0c8b978"
}