Comment Re:Use bacteriophage (Score 1) 122
> they get loose
Thank you. Just... thank you. I got a tear in my eye when you used 'loose' correctly.
> U2F is much more convenient
Not if you have an iPhone. It doesn't work on an iPhone so you can't access any of your accounts from the phone.
I have TOTP (Google Authenticator, Authy, Auth+ etc) on my phone and on an old iPod Touch I wasn't using anymore. If I lose my phone I'm not locked out of my accounts.
> bank I use has a device with a tiny camera
Great. My bank only has SMS-based 2FA, with a checkbox on the screen labelled 'I forgot my device, log me in without it'. I kid you not. I've complained to their minimum wage offshore support people who can't find my words in their script so don't say anything.
Wrong.
Your private keys are stored in a secure hardware module inside the Yubikey. They never leave the Yubikey, not even into your own computer. The login process sends a random challenge into the Yubikey. The Yubikey responds with the challenge encrypted by your secret private key. The website can verify the response against your public key. The response is unique to that random challenge and gives an eavesdropper no useful or repeatable information.
Each website gets a different set of keys generated by the Yubikey to prevent cross-referencing your identity.
The Yubikey can generate a different set of keys for each participating website so separate websites can't cross-reference your identity.
Yubikey is fantastic. Your identifying private keys are stored inside a secure hardware module inside the Yubikey. The login process sends a random challenge to the Yubikey; the Yubikey replies by signing the challenge with your private encryption key. The login process verifies the signed reply against your stored public key.
At no time does your secret key ever leave the device, not even to your own computer.
A trojan could eavesdrop on the whole thing and not learn anything useful.
I do the same. I was surprised and disappointed to find out my online stock trading account was selling my info to the most spammers out of all my accounts. Security? lol...
> imagine a country where most people didn't believe in evolution or medicine.
I live in the U.S.A. you insensitive clod!
Yes I am curious. That's why I boot into a Linux Live-CD and make sure my hard drive is not mounted before I plug in the thumbdrive.
> how do you socially engineer someone to put a USB stick with some code into a machine
"Hi, I'm here for an interview. Oh shoot I spilled coffee on my resume. Could you please print a copy for me? It's on this thumbdrive."
> Large numbers of hungry people with the right to arm bears is not a recipe for the filthy rich to go on grinding people down for ever.
Very naive. Large numbers of hungry people are divided into several layers of hungry people, each blaming the layer below them while being grateful for their position and afraid of dropping to the layer below.
It's not like this is the first time the filthy rich have played this game.
Yeah right. Here in 'Merica we can't even provide healthcare beyond a third-world patchwork of greed and corruption. God forbid (literally) some poor person gets something they didn't earn or inherit.
Universal Basic Income? Not here anytime soon.
Universal feudal servitude coming right up.
You must be a blast at parties
You didn't define a function, so neither will I:
print('Hello, world!')
You (Ruby) beat me (Python) by two parentheses! Had I used Python 2 it would be a tie.
"Ninety percent of baseball is half mental." -- Yogi Berra