Yubico: Secure hardware vs. open source

by
corbet
from LWN.net on (#1E1WM)
Yubico has posted ablog entry defending the company's decision to switch to closed-sourcecode in the Yubikey 4 product. "If you have to pick only one,is it more important to have the source code available for review or tohave a product that includes serious countermeasures for attacks againstthe integrity of your keys?"

See also: KonstantinRyabitsev's response to this posting. "When it comes to anyhardware, we must at some point trust the manufacturer -- unless we havevery large budgets that would allow us to fully monitor every step of themanufacturing process. In the absence of such large budgets, we must baseour trust on the company's prior record and their willingness to work withthe community to show that their hands are clean and their intentions arepure. Putting out a blackbox proprietary device after all the good will youhave built up with NEOs sends the exact opposite message."

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments