DNA companies should receive the death penalty for getting hacked | TechCrunch::Personal data is the new gold. The recent 23andMe data breach is a stark reminder of a chilling reality – our most intimate, personal information might
DNA companies should receive the death penalty for getting hacked | TechCrunch::Personal data is the new gold. The recent 23andMe data breach is a stark reminder of a chilling reality – our most intimate, personal information might
All of these points only apply if you don’t pick a decent password/passkey manager and just stick with whatever google/apple gives you.
Do better.
I can see all my Passkeys in painstaking detail and know exactly what has or has not been deleted/modified. I use my own self-hosted services for managing them between devices, so they are never stored on anything but my own hardware in my control.
The only part that leaves my possession is the public key portion of each passkey, which honestly could be published to a list on their homepage and still remain secure.
Here’s an example of a stored passkey, but with values redacted:
"fido2Credentials": [ { "credentialId": "-redacted-", "keyType": "public-key", "keyAlgorithm": "ECDSA", "keyCurve": "P-256", "keyValue": "-redacted-", "rpId": "amazon.ca", "userHandle": "-redacted-", "counter": "0", "rpName": "Amazon", "userDisplayName": "-redacted-", "discoverable": "true", "creationDate": "-redacted-" } ]Oh yeah? So on Android… How do you get your password manager to work for your passkey storage? Because all I see on android is NFC, USB, and “This device” (which is literally google storage, not your own app). So how do you login to any apps that you’re using passkeys on your phone?
LMFAO, you’ve addressed basically nothing and assume that your answers are sufficient you can fuck right off.
Edit: This is effectively SSL/TLS… Right? So there’s never been a successful attack on that right? Boy do I have a bridge to sell you.