|
I never heared anything from Gleg since the first posts so I've simply passed him to the Troll corner.
We have an explicit policy of not deleting posts or threads, even if we don't like what's been discussed in threre or how it's done. I did not want to feed any Trolls but the subject is important and we want to be transparent here. As the thread now has moved up again, let's just re-state some facts:
Extracting secret information from the USB chip requires time, specialized skill and some serious equipment. Without denying it can be done, I really doubt it was ever done as claimed. It is worth stating again that even if anyone with the right setup (could be a research institute, univeristy or silicon design lab) would give it a stab - when the information was extracted, one single key would be compromised. No difference from other OTP generators...
With the introduction of Yubikey2 we've also made it increasingly difficult to just penetrate the Yubikey as it is now a reinforced monolithic block. Anyone who would finally succeed would then find an entirely different chip than the one Gleg found.
With the best regards,
JakobE
Hardware- and firmware guy @ Yubico
|
Login
FAQ
Search
