(arstechnica.com)

432 points nobody9999 | 2 comments | 12 Dec 25 16:04 UTC | HN request time: 0s | source

Show context

codedokode ◴[12 Dec 25 17:38 UTC] No.46246465[source]▶

In my opinion, every manufacturer of a programmable device should not be allowed to prevent the buyer from reprogramming it.

replies(8): >>46247960 #>>46248388 #>>46250102 #>>46250233 #>>46251819 #>>46252140 #>>46252929 #>>46280460 #

rstuart4133 ◴[13 Dec 25 03:50 UTC] No.46251819[source]▶

>>46246465 #

I would not buy a FIDO2 token if it allowed anybody to reprogram it, including me. If you managed to make selling me such a device illegal, then may a pox descend on your house.

replies(3): >>46252137 #>>46252249 #>>46256587 #

wpm ◴[13 Dec 25 05:01 UTC] No.46252137[source]▶

>>46251819 #

If I want to reprogram my own FIDO2 token, I should be allowed to.

If I get your FIDO2 token and reprogram it without somehow also wiping the data on it, your problem is that I got your FIDO2 token, not that I could reprogram it without erasing it (which theoretically could perhaps be true right now)

replies(1): >>46252279 #

1. octoberfranklin ◴[13 Dec 25 05:30 UTC] No.46252279[source]▶

>>46252137 #

your problem is that I got your FIDO2 token

For this exact reason, I store my cryptographic keys in a ring which I never remove from my finger.

replies(1): >>46268466 #

2. pabs3 ◴[14 Dec 25 23:50 UTC] No.46268466[source]▶

>>46252279 (TP) #

Attackers can remove your ring, or just the finger...

https://xkcd.com/538/

↑

Epic celebrates "the end of the Apple Tax" after court win in iOS payments case