Re: Infineon firmware security issues

Le mardi 17 octobre 2017 à 13:33 +0300, Eyal Edri a écrit : > Thanks, > > So if I have an old YubiKey ( 2.43 ) I shouldn't be affected right? > only V4 > is ? That's what the post on yubico.com seems to imply. We do not know what chipset is used in the key, so I can't give a educated guess. But

Re: Infineon firmware security issues

Le mardi 17 octobre 2017 à 13:36 +0300, Eyal Edri a écrit : > On Tue, Oct 17, 2017 at 1:31 PM, Michael Scherer > > wrote: > > > Le mardi 17 octobre 2017 à 18:56 +0900, Marc Dequènes (Duck) a > > écrit : > > > Quack, > > > > > > So the news (thanks Misc for the alert): > >

Re: Infineon firmware security issues

On Tue, Oct 17, 2017 at 1:31 PM, Michael Scherer wrote: > Le mardi 17 octobre 2017 à 18:56 +0900, Marc Dequènes (Duck) a écrit : > > Quack, > > > > So the news (thanks Misc for the alert): > > > > https://www.infineon.com/cms/en/product/promopages/rsa-update/rsa-bac > >

Re: Infineon firmware security issues

Thanks, So if I have an old YubiKey ( 2.43 ) I shouldn't be affected right? only V4 is ? On Tue, Oct 17, 2017 at 12:56 PM, Marc Dequènes (Duck) wrote: > Quack, > > So the news (thanks Misc for the alert): > > https://www.infineon.com/cms/en/product/promopages/rsa- >

Re: Infineon firmware security issues

Le mardi 17 octobre 2017 à 18:56 +0900, Marc Dequènes (Duck) a écrit : > Quack, > > So the news (thanks Misc for the alert): > > https://www.infineon.com/cms/en/product/promopages/rsa-update/rsa-bac > kground > > This affects Yubikeys and other hardware: >  

Infineon firmware security issues

Quack, So the news (thanks Misc for the alert): https://www.infineon.com/cms/en/product/promopages/rsa-update/rsa-background This affects Yubikeys and other hardware: https://www.yubico.com/support/security-advisories/ysa-2017-01/ There's a nice tool to test if a key is vulnerable: