Hacker News new | past | comments | ask | show | jobs | submit login

IIRC the last time something similar happened they issued replacement devices... I'm a bit baffled that they're not offering a replacement programme.



> I'm a bit baffled that they're not offering a replacement programme.

That was under the previous leadership when Stina Ehrensvärd was CEO.

Now they've taken VC money[1], and more recently merged with a listed SPAC[2] I suspect replacement devices will never happen because, you know, shareholders come first.

I wish Yubico had some serious competition, but sadly they don't. NitroHSM is not the same thing (plus has flashable firmware, which leads to potential security risks). Tilitis looks interesting, but its far from maturity.

[1] https://www.yubico.com/blog/yubico-adds-new-round-of-investm... [2] https://www.yubico.com/blog/yubico-is-merging-with-acq-bure/


> I wish Yubico had some serious competition, but sadly they don't.

This likely wouldn’t qualify as “serious competition” but I have a few solokeys and they work fine for my use.

https://solokeys.com/


I have used SoloKeys since v1. Currently own two v2 SoloKeys, and they "just work" for anything involving FIDO2. I specifically use them for storing SSH private keys and WebAuthn credentials. The key can be used on any device with a USB-C port (there is also a variant supporting NFC, but I don't have that variant)

Despite being a bit careless with my keys (e.g. leaving them in a pocket and washing said clothing), they still work just fine. I highly recommend SoloKeys to anyone who wants to support open source hardware and firmware.


> I wish Yubico had some serious competition, but sadly they don't.

Looking at the list of FIDO certified hardware authenticators alone, they definitely do.

My country's eID scheme even requires FIDO Level 2 certification, which Yubico hasn't had for a while, so they practically supported only non-Yubico authenticators until recently.


> I wish Yubico had some serious competition, but sadly they don't. NitroHSM is not the same thing

What's not the same thing as what? There's no NitroHSM (Nitrokey has 2 different HSM-related products that are different kinds of things from each other, and neither is called that), and most Yubikeys aren't their special HSM devices.


Swissbit[1] is another, but I have no personal experience with their products.

[1]https://www.swissbit.com/en/products/ishield-key/


> I wish Yubico had some serious competition, but sadly they don't

Also mentioning OnlyKey <https://onlykey.io>. You don’t need to be some big corpo to be considered ‘serious’.


> You don’t need to be some big corpo to be considered ‘serious’.

That's not what I meant and I suspect you know that. :)

I meant everything from the Yubico hardware (more compact and less bulky than anything else out there) to the Yubico software (extensive featureset with more controllability than most other products out there).

Also as I said already, Yubico is one of the few (only ?) one that does not permit firmware flashing. Most competitor keys have firmware flashing capability, which to me is a big no-no as its an attack surface just waiting for an exploit.

That's what I meant by 'serious'.


Thank you I was not aware of that. That's unfortunate.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: