undefined | Better HN

0 pointschrisweekly2y ago0 comments

> "and use fingerprint/faceid instead of a password"

This is the part that makes absolutely no sense to me. An essential aspect of passwords is that they can be changed. If someone manages to fake the digital representation of my fingerprints or face, what now? Security guru Bruce Schneier has written about this w/ much more eloquence and authority.

0 comments

vel0city2y ago

The fingerprint/faceid is just a local proof to unlock the actual asymmetric encryption key. It is not your actual identifier to the remote server. So if you need to redo your auth, you just rekey and stash the new key in your authenticator (or have your authenticator originate the key material and never expose it to main memory at all).

Think an SSH key protected by a passphrase. Your passphrase isn't the thing that actually logs you into the server, its just what you use to unlock your actual key material you use in your SSH handshake. Your fingerprint/face identity is just your local unlock of the actual key material stored in some other secure enclave.

chrisweeklyOP2y ago

thanks, that does help.

throwaway484762y ago

The unstated value of a USB key is the functional similarity to metal keys for ordinary people.

int_19h2y ago

Not quite. It's easy to create a duplicate of your metal key, and many people do exactly that to avoid a situation where they lose it and have no way of opening their door. The fact that you can't do that with USB keys is my biggest gripe with them. I understand that inability to copy even if you have physical access to the original has its security advantages, but 1) most things don't actually need that much security, and 2) it could still be done by e.g. allowing you to buy them in premanufactured batches where all keys are identical.

c0wb0yc0d3r2y ago

This is exactly how I describe them to many as well. I just wish there was a USB key with the durability of a metal key.

vel0city2y ago

Somewhat personal ancedote, but I've had pretty good experiences with Yubikeys. I've had one on my daily keychain for over a decade now. Its been run through clothes washing machines too many times to count, I've left it out in rainstorms, its been baked in the sun on hot summer days multiple times, its been dropped in pools, its been run over by a car, I've dropped it some pretty significant heights while hiking. It is still working just fine. That and a PNY 16GB metal keychain flash drive have taken a ton of abuse and are still working just fine. Other than a higher melting point or ability to take high energy RF I don't imagine there is much more abuse a traditional metal key would have compared to what I've done to my Yubikey.

Arelius2y ago

Maybe it’s the old USB version? I haven’t had so much luck… I had a couple of nanos, and those broke pretty quick. More recently, I switched to a usb-c version…. And while it still works and stays attached to the key ring. The plastic housing has broken already. I got a corp branded one now, that I’m trying and seems a touch more robust

1 more reply

abdullahkhalids2y ago

If there was a NFC only version of these (and laptops came equipped with NFC), then we could make a block-of-metal key. No ports/holes and no buttons. Would be water proof and crush resistant. Assuming that you can send NFC signals through metal.

selykg2y ago

The biometric stuff is simply allowing access to the keys. It’s not being used for anything else.

Your face or fingerprint being out there isn’t a concern because that’s not, ultimately, the thing being used to generate the keys or anything.

It’s an ease of use function.

On iOS for instance, as I understand it, these are being stored in iCloud Keychain. Which has a password. The derived key for iCloud Keychain is stored in such a way that the system has access if you allow biometrics to be used.

Biometrics then simply allow access, in essence, not part of the encryption process. The password for iCloud Keychain is necessary to add those items on a new device. Your biometrics aren’t stored by Apple anywhere other than in the device.

Honestly I am blown away how few people on this site understand how this stuff works. It’s fascinating and I’m surprised more people aren’t interested in understanding it. But so many people assume the biometrics are being used in the encryption process and that if your face is somehow stolen your whole life is doomed. These features have been on Apple devices for what.. a decade almost at this point? More? The process for Face ID is the same as Touch ID. Developers make zero distinction between the two in code, as that whole process is passed off to the system and effectively results in a bool value (or access to the secure item requested). At no point does a developer ever get your biometrics data.

I don’t know how Android or Windows do it but it is similar enough I suspect.

The FUD around passkeys feels like some sort of propaganda campaign to discredit it.

pixl972y ago

"A pass key is an ssh key with more steps for the user to fuck up and get locked out of their account"

I mean there is plenty of FUD, but at the end of the day it's not terribly exciting technology.

kevinsync2y ago

Agree. I actually wanted to acquire a biometric signature to do something with it on iOS and was super bummed once I dug in to see how it works -- all Apple exposes is a function that returns true or false hahaha

m3kw92y ago

This is the part where you have people dismissing a security from a simple assumption and reverting back to another assumption of their current state. Is still dangerous

taeric2y ago

Your fingerprint/faceid/whatever is used to access the passkey. It is not the passkey. To that end, yes, if you are worried about clandestine access to your phone (if that is your passkey), then you probably don't want to allow access using fingerprint/faceid. And if someone can copy your passkey off of your phone, you are again compromised.

m3kw92y ago

Your faith in humanity seem low, because this would never be pushed worldwide by security experts who eats and sleeps it, if it was so easily broken where you just figures it out during a comment

j / k navigate · click thread line to collapse

0 comments

vel0city2y ago

chrisweeklyOP2y ago

thanks, that does help.

throwaway484762y ago

The unstated value of a USB key is the functional similarity to metal keys for ordinary people.

int_19h2y ago

c0wb0yc0d3r2y ago

This is exactly how I describe them to many as well. I just wish there was a USB key with the durability of a metal key.

vel0city2y ago

Arelius2y ago

1 more reply

abdullahkhalids2y ago

selykg2y ago

The biometric stuff is simply allowing access to the keys. It’s not being used for anything else.

Your face or fingerprint being out there isn’t a concern because that’s not, ultimately, the thing being used to generate the keys or anything.

It’s an ease of use function.

I don’t know how Android or Windows do it but it is similar enough I suspect.

The FUD around passkeys feels like some sort of propaganda campaign to discredit it.

pixl972y ago

"A pass key is an ssh key with more steps for the user to fuck up and get locked out of their account"

I mean there is plenty of FUD, but at the end of the day it's not terribly exciting technology.

kevinsync2y ago

m3kw92y ago

This is the part where you have people dismissing a security from a simple assumption and reverting back to another assumption of their current state. Is still dangerous

taeric2y ago

m3kw92y ago

Your faith in humanity seem low, because this would never be pushed worldwide by security experts who eats and sleeps it, if it was so easily broken where you just figures it out during a comment

j / k navigate · click thread line to collapse