My point is still that these devices (yubikeys) have always been black boxes. Nothing has really changed.
Yes, I prefer open and Free systems. I don't like running on Intel chips, because they come with a back door monitoring chip that's hard to keep track of, especially on systems with an integrated network card. Yes, it's nice to have the PCB, hw design and code of a device whose purpose it is to "do crypto".
But I still don't see how things changed wrt. yubikey here. They have always been upfront about selling magic crypto beans so to speak: either you trust them, or you don't. There's no real transparency. There's not even (AFAIK) an easy way to know you have an actual yubikey device, and not a device that just looks like a yubikey[1] - but in fact contains different, or modified hw that does a little more than you would like. And so is the case with keyboards on which you enter your secret communication (as well as passwords and pass-phrases).
This isn't new, it's been yubikey's business model to be a company you trust to "do crypto". I still think it is much more likely that a yubikey isn't compromised than the rest of your system. And I think it does buy you some security. I'd even go so far as to say I probably trust a small proprietary system by experts, more than the behemoth that's the jvm/jdk/javacard.
I'll also note, that it is probably easier to spot a yubikey "read abitary files from my system and then call home", than it is to spot a yubikey answering to a secret 40-digit number and disclose all session keys it's generated up to that point, along with any private keys stored on the system. Which is the kind of thing you'd probably not want it to do, when handled by Egyptian secret police, or whomever it is you've pissed off.
Yes, I prefer open and Free systems. I don't like running on Intel chips, because they come with a back door monitoring chip that's hard to keep track of, especially on systems with an integrated network card. Yes, it's nice to have the PCB, hw design and code of a device whose purpose it is to "do crypto".
But I still don't see how things changed wrt. yubikey here. They have always been upfront about selling magic crypto beans so to speak: either you trust them, or you don't. There's no real transparency. There's not even (AFAIK) an easy way to know you have an actual yubikey device, and not a device that just looks like a yubikey[1] - but in fact contains different, or modified hw that does a little more than you would like. And so is the case with keyboards on which you enter your secret communication (as well as passwords and pass-phrases).
This isn't new, it's been yubikey's business model to be a company you trust to "do crypto". I still think it is much more likely that a yubikey isn't compromised than the rest of your system. And I think it does buy you some security. I'd even go so far as to say I probably trust a small proprietary system by experts, more than the behemoth that's the jvm/jdk/javacard.
I'll also note, that it is probably easier to spot a yubikey "read abitary files from my system and then call home", than it is to spot a yubikey answering to a secret 40-digit number and disclose all session keys it's generated up to that point, along with any private keys stored on the system. Which is the kind of thing you'd probably not want it to do, when handled by Egyptian secret police, or whomever it is you've pissed off.
[1] https://www.yahoo.com/news/report-nsa-intercepts-computer-de...