this post was submitted on 22 Nov 2023
456 points (98.7% liked)

Technology

59596 readers
5164 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] _s10e@feddit.de 3 points 1 year ago (1 children)

Well

The biometrics only unlock the device

Yes

and give access to the security key

This is the goal, sure, but what does this actually mean on device that's mostly governed by software?

There's a chip (like a yubikey) in the device that can hold cryptographic keys.

That's good because the key cannot (easily) be extracted from the device.

That's good as long as no one has physical access to your device.

With physical access, you hope that the device's unlock mechanism is reasonably secure. That's biometrics OR password/pin.

The 'or' is the problem. For practical reasons you don't want exactly one method hard-wired. You have a fingerprint scanner (good enough), the secure element (good enough) and lots of hard- and software in between (tricky).

I'm not against biometrics (to unlock a device) because it's convinient and much better than not locking the device at all. I'm also not against device trust (which you need if you want to store crypto keys sonewhere without separate hardware), but the convience of a single-device solution (laptop or phone) comes with a risk.

If an attacker can bypass the unlock method or trick you into unlocking or compromise the device, your secrets are at risk. Having the key stored in the secure enclave (and not in a regular file on the hard disk) prevents copying the key material, but it does not prevent using the key when the attacker has some control over the (unlocked) device.

A yubikey is more secure because it's tiny and you can carry it on your keychain. The same chip inside your laptop is more likely to fall into the hands of an attacker.

[–] MostlyHarmless@sh.itjust.works 3 points 1 year ago* (last edited 1 year ago)

If someone has physical access to you and your device, they are getting in

https://xkcd.com/538/

Using biometrics to protect your online accounts is far more secure than a password