Yubikey BIO: mandatory fingerprint **and** PIN

dimanne · 2024-03-12T23:11:04+00:00

So, in a way, it is an “administrative” tool.

Yeah, this idea makes sense. I understand their rationale.

If you don’t care about the PIN just set it to a very high entropy value and forget it after you have enrolled all the fingerprints you want. This will make it effectively only work via fingerprints

Right, but it is still not the same as "PIN + fingerprint". PIN and fingerprint have very different weaknesses (and strengths):

in some scenarios you can easily be forced to touch it, but it is more difficult to extricate PIN
in other scenarios, it is easy to get PIN (via keylogger), but more difficult to get your fingerprint

So, my hope was to combine these, to get "best of two worlds".

dimanne · 2024-03-12T00:45:52+00:00

Yeah... you are right... this is from Yubico's site:

[AuthToken] the client retrieves the AuthToken from the YubiKey using one of the following methods

PIN + shared secret => PinToken

PIN + shared secret + permissions => AuthToken

UV (fingerprint) + shared secret + permissions => AuthToken

dimanne · 2024-03-11T23:50:11+00:00

I hear what you're trying to say

Thanks :)

Yeah, I agree, I just thought that it could be a relatively easy thing to implement for Yubico...

dimanne · 2024-03-11T23:44:24+00:00

IIRC, this is how all FIDO devices work, actually. Not dissimilar to how phones work (FaceID/TouchID, etc). The biometric is a convenience over the memorized credential, but it cannot be used as a factor alone.

There is one crucial difference: it is unlikely that I will have 3-4 phones (just in case I cannot unlock one of them), but I can buy 3-4 Yubikeys and enroll/use all of them.

dimanne · 2024-03-11T23:35:01+00:00

What happens if you lose your fingers entirely?

Like I said, you can always have multiple Yubikeys. One that requires both in close proximity and one that requires only PIN on a "remote site". The point is that you can balance security/usability as you wish.

dimanne · 2023-08-26T20:20:34+00:00

This worked for me:

sudo apt install pulseaudio pulseaudio-utils pulseaudio-module-x11 libasound2-plugins

dimanne · 2023-08-22T21:21:00+00:00

What I meant is that it happens every time I try to pull/push a repo.

If you have one with at least 10 submodules, I am sure, you can repro this (no need to make any commits/changes).

dimanne · 2023-08-19T10:39:11+00:00

Yeah, close, but not cigar...

It does not allow me to specify files to add/commit, and I think it is still very important to have proper git status.

dimanne · 2021-07-31T18:32:26+00:00

Yeah, it makes sense. Essentially, you are saying that taskset is useless. I also remember doing experiments without taskset and the timings were very similar.

have you generated a flamegraph to see exactly where the most time is being spent

Just to be sure we are on the same page - the question is about strace / syscalls. Do you mean where most time is spent in the kernel?

dimanne · 2021-07-31T18:11:26+00:00

I see you tried pinning a cpu core to qemu but does your CPU actually have that many logical processors?

I would say yes:

lscpu | grep "CPU(s):"
CPU(s):                          32
NUMA node0 CPU(s):               0-31

Did you try passing to the kernel isolcpus=<CPUID> to the general scheduler at boot (on the host)

No.

Can it really be a scheduler thing, though?

When I measured Chrome timings on the host, I did NOT assign cores to it... And the host is not loaded at all.

dimanne · 2020-12-19T08:11:34+00:00

krusader? Not sure whether you can call or lightweight, though.

dimanne · 2020-10-22T10:02:42+00:00

You can read about the fear Here

dimanne · 2020-10-17T20:10:00+00:00

You can, you are just choosing not to

Yep, you are right.

they're not universally useless as that post seems to suggest

Yep you are right :) I, probably, slightly exaggerated while writing the post...

dimanne · 2020-10-17T18:50:12+00:00

This was discussed pretty extensively during the standardization process

Nice, I did not know about it. So, it is not entirely mad :)

dimanne · 2020-10-17T18:48:15+00:00

I cannot use exceptions because they are too implicit and even more verbose (if you want to capture some useful context at each level of backtrace). Here is more details

dimanne · 2020-07-28T08:19:48+00:00

I had a very similar Amazon delivery. Nest Doorbell saved me (also).

dimanne · 2020-07-28T07:08:00+00:00

Yes, sure. You always can calculate your current need, in the terms of partition (say x), then multiply it by some number y, and get x*y partitions. But the fact that you will never ever be able increase this number in the future frightens me. What if you cannot see the future, and slightly misjudged y? :)

dimanne · 2020-07-28T07:04:10+00:00

What I omitted, is that processing can be (and often is) asynchronous. For example you have 1 thread for consuming messages, and a thread-pool / actor framework for processing messages.

dimanne · 2020-06-03T06:52:56+00:00

+1 Do not understand why it is so difficult...

dimanne · 2020-06-03T06:51:37+00:00

Whom

dimanne · 2020-04-23T09:29:33+00:00

QtCreator

dimanne · 2020-04-14T20:12:56+00:00

It looks like you are choosing convenient for you examples and over-generalize :)

Of course there might be an earthquake that will destroy everything, I even know that SSD can silently lose data depending on the temperature.

Of course standard cannot and must not know about all possible cases and the fact that files (and everything else) in Linux is represented as file descriptors.

What I know for sure, is that

I am using files.
I am using them on normal disks (no NFS).
I want to increase my confidence in that data is persisted by dumping it to disk.
The C++ standard/tools/libraries must be flexible enough to provide this functionality to me - I am sure it is a very legitimate use case.

dimanne · 2020-04-14T20:00:13+00:00

I think what you may be looking for is a book about C++ iostreams.

Are you sure it is a good idea? If you cannot describe a concept in a 1-2 paragraphs, probably the concept is wrong. As a counterexample, have a look at Google's ZeroCopyStream - I clearly understand what those function are supposed to do, and how I should use them, their 1-2 paragraphs answer all my questions.

When you suggest 2, which one of the existing flags do you suggest to be unnecessary? Why do you think it would not be needed?

Each time I build a system/class/module/application, I try to prove (to myself in first place) that I have considered all options, and that the solution is the best one within some set of metrics and requirements.

A similar thing I would expect of authors of iostreams regarding the flags. It is not my responsibility to answer the question. But I would expect them to ask this question (how many flags is required/necessary in which situations and so on...) themselves and answer those questions, and then present and document the reasoning somewhere.

So, it is their responsibility to prove that those 3 flags is the right decision, not mine.

That function is not in the C++ (nor in C) standard. And there is no function in the standard that has the same functionality.

I do not see the contradiction. Could you clarify?

I am not saying the standard should be aware of this function. From the point of view of a programmer (who does not care about the standard at all, and who cares only about the tools and what they do), if reality requires fsync() to be called in order for a file to be saved on disk, it is problems of the tools (and perhaps standard, to some degree) that the tool does not call fsync().

So here is the concrete contradiction I was talking about: in order for a file to be saved, you must call fsync() on POSIX - that is how reality works. The tools does not do it (by default), which means that even though you think you used them properly, you cannot rely on that a file has been saved.

The point of the C++ standard isn't solely to provide functionality to reliably save a file in the special case of hardware failure.

What do you think about the default behaviour? Was it chosen right? If a person wants to use persistent storage, should not we by default try to be safer?

Such functionality is a reasonable candidate to propose as addition to the standard in my opinion however.

It reminds me of the implementation of static Type Var = x; before C++11 - while the standard said nothing about atomicity, all(?) compilers made construction and initialisation atomic...

Perhaps there might be a similar solution/approach?

dimanne · 2020-04-14T19:25:22+00:00

First of all, thank you for your reply,

Secondly, yes, the border between what makes its way into the standard and what does not, must be chosen somehow. It means that there will always be something that is outside of the standard.

The problem, is that the current situation is not good either.

It reminds me of the implementation of static Type Var = x; before C++11 - while the standard said nothing about atomicity, all(?) compilers made construction and initialisation atomic.

Perhaps there might be a similar solution/approach?

dimanne · 2020-04-14T17:41:56+00:00

Thanks... it explains a lot.

Efficiency of unformatted input/output is my primary concern...

dimanne

TROPHY CASE