If you use a non-Neo yubikey and firmware prior to 2.4, you're vulnerable - physical access = stolen private key in less than half an hour.
https://www.emsec.rub.de/media/crypto/veroeffentlichungen/2014/02/04/paper_yubikey_sca.pdf
If you use a non-Neo yubikey and firmware prior to 2.4, you're vulnerable - physical access = stolen private key in less than half an hour.
https://www.emsec.rub.de/media/crypto/veroeffentlichungen/2014/02/04/paper_yubikey_sca.pdf