mirror of
https://git.sr.ht/~seirdy/seirdy.one
synced 2024-12-12 20:12:11 +00:00
New note: lose-able keys are a feature
This commit is contained in:
parent
eff56f8f6c
commit
a8b09fa6a9
1 changed files with 15 additions and 0 deletions
15
content/notes/loseable-keys-are-a-feature.md
Normal file
15
content/notes/loseable-keys-are-a-feature.md
Normal file
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
title: "Lose-able keys are a feature"
|
||||
date: 2024-09-12T20:30:14-04:00
|
||||
#syndicatedCopies:
|
||||
# - title: 'The Fediverse'
|
||||
# url: ''
|
||||
# - title: 'Bluesky'
|
||||
# url: ''
|
||||
---
|
||||
In opsec, [duress ("rubber-hose") attacks are famously hard to address](https://xkcd.com/538/). Cryptographic keys that cannot be lost have poor protections against duress.
|
||||
|
||||
Travelers can leave key fobs at home should they be accosted. A victim of a break-in can conveniently "lose" or smash a hardware key, erasing any encrypted data. Yes, I know about cold-boot attacks; I don't recommend at-risk people to leave things decrypted for long durations. I like the idea of spring-loaded key fobs that can't be left plugged in.
|
||||
|
||||
People talking about key fob body implants don't usually plan for removing them in seconds with plausible deniability.
|
||||
|
Loading…
Reference in a new issue