Dropbox To Support Intel Kaby Lake U2F Authentication, But It’s No Security Panacea

Status
Not open for further replies.

Achoo22

Distinguished
Aug 23, 2011
349
0
18,780
0
This is a huge backwards step for users. These technologies are being leveraged to secure *us*, not our data. I miss the old VGA standards that allowed me to peek and poke on a per-pixel basis - I don't want "protected display" technologies that prevent me from inspecting my "personal" computer and I don't wish to assist companies in tracking me further.
 

cbsecurity

Commendable
Jan 6, 2017
5
0
1,510
0
Automated and convenient is music to the ears of malicious hackers. I've been a huge fan of 2-factor when the utilized with SMS/app, token devices and print/retinal authentication. The "2" is already getting old, however, and "multi" is the term I look for in authentication for sensitive data these days. But I also think it should be a choice once you move past U2F. Regardless, I actually think you're better off with SMS/app based U2F so won't be too happy when Dropbox finally removes in favor for the "ubiquitous" change to come.
 
"...above SMS authentication, which NIST has already recommended to be deprecated as it has proven to be too insecure...." I'd be interested in hearing how SMS authentication is attacked.

wired said https://www.wired.com/2016/06/hey-stop-using-texts-two-factor-authentication/
"..Attacks on political activists in Iran, Russia, and even here in the US have shown that determined hackers can sometimes hijack the SMS messages meant to keep you safe. Whenever possible, it’s worth taking a minute to switch to a better system, like an authentication smartphone app or a physical token that generates one-time codes..." Not sure how this would apply to me protecting my Steam account.
 

bit_user

Splendid
Herald
So, would this work with virtualization? Or does it only work with a monitor that's physically connected to the system containing the CPU, without any hypervisor or virtual device drivers in between?
 
Status
Not open for further replies.

ASK THE COMMUNITY

TRENDING THREADS