Stories
Slash Boxes
Comments

SoylentNews is people

This New YubiKey Will Offer Dual Security for Apple Users

posted by Fnord666 on Thursday August 22 2019, @12:35PM   Printer-friendly
from the pick-a-standard-please dept.

upstart writes:

Submitted via IRC for SoyCow3196

This new YubiKey will offer dual security for Apple users – TechCrunch

Almost two months after it was first announced, Yubico has launched the YubiKey 5Ci, a security key with dual support for iPhones, Macs and other USB-C compatible devices.

Yubico’s newest YubiKey is the latest iteration of its security key built to support a newer range of devices, including Apple’s iPhone, iPad and MacBooks, in a single device. Announced in June, the company said the security keys would cater to cross-platform users — particularly Apple device owners.

These security keys are small enough to sit on a keyring. When you want to log in to an online account, you plug in the key to your device and it authenticates you. Your Gmail, Twitter and Facebook account all support these plug-in devices as a second-factor of authentication after your username and password — a far stronger mechanism than the simple code sent to your phone.

Original Submission

 
This discussion has been archived. No new comments can be posted.
This New YubiKey Will Offer Dual Security for Apple Users | Log In/Create an Account | Top | 6 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Informative) by Anonymous Coward on Thursday August 22 2019, @01:18PM

    by Anonymous Coward on Thursday August 22 2019, @01:18PM (#883595)

    Forgot to rewrite it when I realized it was silly. Here's the company's response, https://www.yubico.com/2016/05/secure-hardware-vs-open-source/, [yubico.com] the short version is:

    So — why not combine the best of two worlds then, i.e. using secure hardware in an open source design? There are a few problems with that:

    • In order to achieve these higher levels of certifications, certain requirements are put on the final products
    • secure silicon [products aren't] available on the open market for developers
    • [above mentioned secure products require paperwork to get]
    • there is no debug port and [it takes too much paperwork to get an emulator]
    • this does not prevent the source code from being published, without the datasheets, security guidelines, and a platform for performing tests, the outcome is questionable, with little practical value

    To summarize, their official reasons are 1) we want to check boxes, 2) you can't get the hardware to run the software on, 3) you can't get the hardware to run the software on, 4) you can't get an emulator to run the hardware on, or fuck with your own hardware, 5) you don't want the software.
    Clearly, they're full of shit.

    Starting Score:    0  points
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Total Score:   1