And by the way, the security implication analysis in the security advisory severely downplays the impact:
Quote:
In particular, any attacker with access to the local host must be assumed to be able to learn the user’s PIN code, simply by intercepting communication with the OpenPGP card hardware or through key logging.
This is very misleading, as it implies the attacker would need a full compromise of the host to be able to exploit the vulnerability. A shared computer with unprivileged users is _also_ a possible scenario.
Quote:
Alternatively, if the attacker has physical proximity to the card, it could wait for the device to be used normally over NFC and then learn the PIN code wirelessly and perform the attack at a later point.
This is clearly bad faith! Someone could easily "borrow" a (seldom used) vulnerable YubiKey and use it (for example) to sign a message and return it...
Quote:
If an attacker has gone through the trouble of obtaining physical access to a key, the conservative approach is to regard it is possible that the attacker were able to learn the PIN earlier since the PIN is often unprotected.
Same problem, it completely misses the "borrowing" attack.
Quote:
However its practical consequences are relatively small as a successful attack requires other privileged operations (such as local root access) that are normally not available to an attacker, and would have undermined the security anyway.
I really think you're trying to downplay the vulnerability to avoid updates. Please explain to us how we can fix it.