[clug] Yubikeys on Linux
Nathan Rickerby
rickerby at gmail.com
Thu Jun 11 22:50:29 GMT 2009
On Fri, Jun 12, 2009 at 08:16:33AM +1000, Lana Brindley wrote:
> I stumbled across an interesting article this morning about security with
> the Yubikeys. Thought I'd share:
>
> http://security.dj/?p=4
from the article
"Open source of code makes it easier for attackers."
Obviously a controversial statement. A commenter disagreed with it and
the author clarified by saying that attacks are more probable while they
are between experimental and production, failing to mention that one
step in getting from one to the other is to let people review the code.
Perhaps he would have been better saying that he doesn't believe Yubico's
validation server is suitable for production use. There are more
compelling arguments for that though then the fact that it is open source.
Nathan
who thoroughly enjoyed last night's talk - thanks Bob.
More information about the linux
mailing list