ᏤⵁŁ₮ƦⵁИł€  

This Passkey idea sounds good in theory, but I have some serious concerns with what is described in this post.

security.googleblog.com/2023/0

1+
./katerina_ ⚧️  

@voltronic

I understand the mentality, but it almost assuredly has weaknesses and sociological issues besides.

Even IF it's storing it in the TPM/cryptoprocessor, the architecture has had weaknesses and flaws in the past and it's often not the simplest operation to fix. Can't wait to hear the inevitable "$ransomwaregang implements cryptographic key stealer in toolkit"

1
ᏤⵁŁ₮ƦⵁИł€  

@KAutumnrain
Yep. Oh, and we need to have a Bluetooth proximity check from new device to phone. Guess I can't create a key on my desktop pc then?

1
./katerina_ ⚧️  

@voltronic

Ya my desktop's off limits for that one...
Hell, even most of my Laptop collection lacks bluetooth. Neat!

1
ᏤⵁŁ₮ƦⵁИł€  

@KAutumnrain

> It's asking for the device passcode.

> It's 0000.

> Haha. Really, what's the code?

> 0000. Like everything else.

1
./katerina_ ⚧️  

@voltronic

"1 2 3 4 5"

1
ᏤⵁŁ₮ƦⵁИł€
Follow

@KAutumnrain
Dammit, that's the exact same combination I have on my luggage!

· 0· 0· 1
Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.

Resources

Developers

What is CounterSocial?

Created by potrace 1.15, written by Peter Selinger 2001-2017

counter.social

More…