They really should. The recovery of the one secret the device is supposed to keep is catastrophic. Sure, the recovery itself might be an edge case, but Yubikey users buy the product to protect themselves from edge cases.
> I'm a bit baffled that they're not offering a replacement programme.
That was under the previous leadership when Stina Ehrensvärd was CEO.
Now they've taken VC money[1], and more recently merged with a listed SPAC[2] I suspect replacement devices will never happen because, you know, shareholders come first.
I wish Yubico had some serious competition, but sadly they don't. NitroHSM is not the same thing (plus has flashable firmware, which leads to potential security risks). Tilitis looks interesting, but its far from maturity.
I have used SoloKeys since v1. Currently own two v2 SoloKeys, and they "just work" for anything involving FIDO2. I specifically use them for storing SSH private keys and WebAuthn credentials. The key can be used on any device with a USB-C port (there is also a variant supporting NFC, but I don't have that variant)
Despite being a bit careless with my keys (e.g. leaving them in a pocket and washing said clothing), they still work just fine. I highly recommend SoloKeys to anyone who wants to support open source hardware and firmware.
> I wish Yubico had some serious competition, but sadly they don't.
Looking at the list of FIDO certified hardware authenticators alone, they definitely do.
My country's eID scheme even requires FIDO Level 2 certification, which Yubico hasn't had for a while, so they practically supported only non-Yubico authenticators until recently.
> I wish Yubico had some serious competition, but sadly they don't. NitroHSM is not the same thing
What's not the same thing as what? There's no NitroHSM (Nitrokey has 2 different HSM-related products that are different kinds of things from each other, and neither is called that), and most Yubikeys aren't their special HSM devices.
> You don’t need to be some big corpo to be considered ‘serious’.
That's not what I meant and I suspect you know that. :)
I meant everything from the Yubico hardware (more compact and less bulky than anything else out there) to the Yubico software (extensive featureset with more controllability than most other products out there).
Also as I said already, Yubico is one of the few (only ?) one that does not permit firmware flashing. Most competitor keys have firmware flashing capability, which to me is a big no-no as its an attack surface just waiting for an exploit.
I suppose I'm not a regular consumer, but I buy devices like these under the expectation that they will eventually succumb to practical low-cost attacks.
I would be feeling a bit miffed if I bought one recently, though.
Previously when their Yubikey 4's were found to be suceptible to the ROCA vulnerability [0], they issued replacements [1] for any customers who had affected devices. I had a few of those devices and they were replaced for free.
I guess that's a disadvantage of having a non-upgradable firmware. They can't fix these devices that are already out in the field.
As I understand it, the ROCA vulnerability is "the secrets generated by a YubiKey may be susceptible to classic cryptographic breaks", something along the level of "the cipher is inherently weak."
This vulnerability, meanwhile, appears to be in the class of "if someone has physical access to your hardware token, and has access to some specialized (expensive) hardware to do side-channel analysis, they might be able to do side-channel on your hardware token." But if someone has physical access to the hardware token... I mean, at that point, most people would consider it compromised anyways and wouldn't expect security guarantees from that point.
Not being able to flash the firmware is a feature, not a bug. :)
Its the fundamental reason I won't buy NitroHSM because of the Rumsfelt unkown-unknowns about use of the firmware flash feature on NitroHSMs as a future exploit route.
> Not being able to flash the firmware is a feature, not a bug. :)
It is a feature only if they ship replacement devices in case of issues like this. If they don't and you're left with a broken device then I'd rather count it as a "bug".
