![]() ![]() I find this unfortunate because the Keybase aquisition was a clear move by Zoom to hire good cryptographers and improve the security stance of the company. The aquisition was covered by many in the tech world as "the end of Keybase". Zoom was well-known for many privacy issues and poor-practices. For these reasons, a shorter signing key that is still sufficiently secure until 2030 is good enough for me. Sure it can be done, but it isn't pretty. How do you bootstrap all those GPG keys, mark them as trusted, and then verify on a new machine? The more committers you have the trickier that gets. I haven't seen any real solution to what to do after mandating GPG signatures. Others have pointed out that if you sign tags signing git commits is of dubious value. That's reason enough for me to sign a commit. ![]() I'll be honest, I like seeing those green "Verified" badges. Any motivated attacker would have better luck harming the integrity of a repo by compromising a git push key than finding the right primes. Even then a SHA-1 collision could happen before a commit signature is forged. After all, GitHub uses RSA2048 keys so a verified commit is only as strong as the weakest signature. Even RSA4096 has similar speeds on the CPU but there's little reason to bother with RSA4096 for the next ten years. Not the significant difference between the real time for RSA4096 on a card and RSA2048 on the laptop CPU. Here are the results of a simple benchmark. I wanted to quantify just how slow git signing is. Since the hardware locks itself permanently after three incorrect tries, it's sufficiently secure to authorize the admin account (the entire disk is still protected by FileVault so knowledge of the password is still required) Benchmarks It is useful for PIV sudo access where a short pin is easier than a long password. I probably will eventually pick up a Yubikey Nano for convenience. I will still use the Yubikey for OpenPGP operations on less-trusted hosts (i.e. ![]() I keep it free from malware and have an inbound firewall. Even then there are better tools for encryption such as age which mostly exist outside of the Yubikey. My threat model just doesn't justify a hardware PGP key. I'm not currently writing missle software.That means decrypting emails on the iPad, remote servers, and more. I'd like to start using PGP more widely.Changes to my bash profile remain uncommitted as I don't have my Yubikey always plugged in now. This doesn't sound like much but as someone who commits frequently the hassle slows down the flow. It takes about a second to sign a git commit and you have to mess with PINS. I would recommend using the Nano if your primary computer device ends up being a laptop. The way the Yubikey sits doesn't give me great confidence that it won't break or bend in the port. My laptop has two USB-A ports and one of those is taken by my logitech mouse. To put it into a list, here is why I am moving away from hardware OpenPGP So I've been meaning to locate the offline master key to replace the subkey stubs so I could use them on my mobile devices. ![]() It's possible to make git commits from the iPad but Yubikey support with USB-C is limited and less portable. I ordered a replacement battery and picked up an 11 inch iPad Pro as screenplay reading device and backup for the MacBook. The battery had more than 1,100 cycles (it is rated for 1,000). The computer has been extremely reliable, though it did die on me unexpectedly at times. This is the very last Apple computer made that includes an NVIDIA card (important for my live-streaming usage) and is still supported. I now spend less time using my Mac desktop (I rarely boot it up) and spend most of my computing time on my late 2013 MacBook. Why? Well it simply boils down to inconvenience and time. For some time now I have been wanting to stop using the Yubikey for OpenPGP. It has been some time since my last article on encryption and using PGP. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |