Maybe not.Īssure that once flashed with your own trusted copy of the firmware that you never let the key physically fall into the hands of a malicious agent and thus be subject to reflashing.Īssure while it is in use in any USB slot that no malicious code is able to run to reflash it.
If you flash your own firmware are you sure it fully replaces what this hypothetical agent added? Maybe. Trust that no malicious agent messes with the firmware while the key is in transit between Yubico and you (this has reportedly happened with networking firmware). But this comes with significant security degradation. If you want to confirm the version of OpenPGP then you must require Yubico to change the security design to allow field firmware uploads. You could audit the source all you wanted but you would have no way to know what exact implementation was uploaded to your key (short of maybe some kind of DOD-level slicing down of the hardware and imaging with xray microscopy or something).
Had they used a OpenPGP implementation with available source then this required trust would not change. Trust Yubico to have uploaded firmware known to them to have no vulnerabilities in the OpenPGP implementation. It's an issue of trust and one you can not escape.
0 kommentar(er)
