Yubico Forum https://forum.yubico.com/ |
|
The new key really needs.. https://forum.yubico.com/viewtopic.php?f=16&t=338 |
Page 1 of 1 |
Author: | fortean [ Thu Jun 25, 2009 9:00 am ] |
Post subject: | The new key really needs.. |
Welcome to this topic! I'll highlight the features _I_ would like to see implemented (and some of them may even be 'backported' to version 1). Most of these concepts have been documented on the wiki. The new key, IMNSHO.. - will be delivered with hardened firmware that lacks functions like CapsLock doubleclicking, auto-URL navigation - can not be programmed unless you have obtained its AES key - will deactivate itself for some time if a failed programming attempt is detected - can be loaded with alternate firmware that has functions like CapsLock doubleclicking .. etc. - can be ordered in various colours - supports a pin: after inserting the key, you need to type a 6 digit [0-9] pin on your key board to activate it (it will blink to indicate success) We should also work on revoking and replacing, for example see my proposal for the SKIP protocol (wiki). |
Author: | Jakob [ Thu Jun 25, 2009 10:48 am ] |
Post subject: | Re: The new key really needs.. |
Thanks, fortean. You were quicker than I was in making the first post here Thanks for the Welcome anyway. Will be delivered with hardened firmware that lacks functions like CapsLock doubleclicking, auto-URL navigation - Yes. These are gone Can not be programmed unless you have obtained its AES key - Protection is set at configuration time and in order to make it simple for test, we ship all "developer's keys" without the protection set. Will deactivate itself for some time if a failed programming attempt is detected - An exhaustive search for the access password is futile anyway. Given a 48-bit password and 100 ms latency per try, searching the key space would take about a million years or so. Can be loaded with alternate firmware that has functions like CapsLock doubleclicking .. etc. - The Yubikey 2 is a ROM based design so the firmware cannot be changed. We will however introduce new features as time goes by. However, I doubt that the removed features will appear again. Can be ordered in various colours - YES ! Just like with the Model-T Ford, some time had to pass before other colors than black became available. We'll start with white as the second standard color and see where it goes. At present, we require a MOQ of 5000 pcs for custom colors, but this may change. Supports a pin: after inserting the key, you need to type a 6 digit [0-9] pin on your key board to activate it (it will blink to indicate success) - An interesting feature indeed. We'll put that on the upcoming feature list. Such a function would require a piece of client software though. With the best regards, JakobE Hardware- and firmware guy @ Yubico |
Author: | fortean [ Thu Jun 25, 2009 2:48 pm ] |
Post subject: | Re: The new key really needs.. |
JakobE wrote: Thanks, fortean. You were quicker than I was in making the first post here Thanks for the Welcome anyway. Oops, I apologize - but am happy with the twist this thread took: I imagined it was to discuss features for the 2.0 version and was happily surprised when I found out it was in fact an announcement of the 2.0 version that has most of the features on my personal wishlist implemented allready. JakobE wrote: Will be delivered with hardened firmware that lacks functions like CapsLock doubleclicking, auto-URL navigation - Yes. These are gone Good. Quote: Can not be programmed unless you have obtained its AES key - Protection is set at configuration time and in order to make it simple for test, we ship all "developer's keys" without the protection set. Does this indicate that the new tools allow to set the password without reprogramming the key? In as far as I recall, the old tools did not (don't have them at hand now, will check later). My problem with the default setup is that, as the key becomes more popular, probably some cracker will design some malware to detect and attack it. Plugging the factory default programmed key in such a malware infected system might result in a useless key at best, as the malware freely may reprogram it. And - again, in as far as I recall - setting a password requires reprogramming it, which overwrites the AES string and so I can't use the key to authenticate against the Yubicom servers anymore. I know: you could acquire the AES secret from Yubicom, but that requires showing some proof of purchase. In my case, my company bought 100+ keys and hence I can not provide you with proof of purchase for my unique key, hence will not be able to obtain the key and so can not reprogram the key with its original AES secret. And even if I HAVE the Yubicom AES string: reprogramming the key will reset the counters and resetting the counters will render the key useless JakobE wrote: Will deactivate itself for some time if a failed programming attempt is detected - An exhaustive search for the access password is futile anyway. Given a 48-bit password and 100 ms latency per try, searching the key space would take about a million years or so. Sure. So, the seller of a security device designed to replace / enhance systems based on common passwords tells me that a 48 bit secret (as in: common password) - not even combined with a username - provides plenty of protection? JakobE wrote: Can be loaded with alternate firmware that has functions like CapsLock doubleclicking .. etc. - The Yubikey 2 is a ROM based design so the firmware cannot be changed. We will however introduce new features as time goes by. However, I doubt that the removed features will appear again. Ah, I hadn't realised that it was ROM based, but it makes sense. Well, I guess some people will complain about the missing features, but seen from a security perspective I consider this as a very good development (though frankly I am happy I still have an number of the old keys to allow me to play with these features ) JakobE wrote: Can be ordered in various colours - YES ! Just like with the Model-T Ford, some time had to pass before other colors than black became available. We'll start with white as the second standard color and see where it goes. At present, we require a MOQ of 5000 pcs for custom colors, but this may change. Sure it will! Nice Quote: Supports a pin: after inserting the key, you need to type a 6 digit [0-9] pin on your key board to activate it (it will blink to indicate success) - An interesting feature indeed. We'll put that on the upcoming feature list. Such a function would require a piece of client software though. Well, does it? For fun, I tap the CapsLock key on my keboard sometimes - though the feature is deactivated by default, my key still blinks happily back at me when I do. So, if you're able to read the keyboard LED status, perhaps you can read the keyboard keystrokes as well. As 0-9 have standard locations on most if not all keyboards, perhaps the client-side software is not needed after all ... Something like this:
I haven't studied HID so perhaps I am spitting out nonsense here, but I am willing to stand corrected! Again, my apology for stealing your show, Jakob! |
Page 1 of 1 | All times are UTC + 1 hour |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |