Apple and Microsoft support aren’t exactly awesome, either, unless you’re a big business with deep pockets. At least with Linux, the system is open, so if there is a way to solve my problem, someone has almost certainly found it already and added it to Arch Wiki or Stack Overflow or something.
They want to make it impossible to block other machines by address? Including ones that are attacking you? That’s a horrible idea.
Also, this sounds like it will require way too much intelligence in the network itself. The Internet works because the big trunk routers do very little processing per packet—just look at the destination address, decrement TTL, and send the packet to the next router. If trunk routers have to do a lot of per-packet processing or keep track of every single node on the network, they’ll fall over very quickly.
How will I notice when the spare fails, if it’s only a spare and I don’t regularly use it? Then I’m down to only one key, and as any grumpy backup admin will tell you, if you have only one copy of something, you have zero copies.
I would have a key plugged into the computer pretty much all the time when I’m working, so anyone who compromises the computer can impersonate me as long as I’m at work. This would be mildly inconvenient to the attacker, but wouldn’t actually stop the attacker. And if the computer isn’t compromised, how is anyone going to get into my GitHub account even without 2FA? They certainly aren’t going to do it by guessing my 16-character generated password or Ed25519 SSH key.
Something-I-know is worthless for authentication in the age of GPU password cracking. Most humans, including myself, do not have photographic memories with which to memorize cryptographically secure passwords. We’re all using password managers for a reason, and a password database is something you have, not something you know.
I can do that with alphanumeric codes, yeah, but can I get alphanumeric codes from GitHub, or is it going to be a QR code? I can’t write down a QR code…
Printing recovery codes would require me to either be price gouged by the printer ink cartel or use someone else’s printer, and using someone else’s printer is begging to get my account stolen.
I have no idea how to hammer things into metal plates, but I’m guessing that’s even more expensive than printer ink.
…through a third-party cloud server that you have no good reason to trust. No bueno. Keep sensitive information off the cloud unless you want it to become public.
It’s pretty hard to hand-write a QR code, I don’t wish to pay the printer cartel $50 for the privilege of printing it, and it would of course be horribly insecure to print it with someone else’s printer.
And how would I use the QR code? I can’t scan it with my phone’s camera because allowing my phone access to my GitHub account is a security risk, and I can’t scan it with my desktop because it doesn’t have a camera.
So, how is this going to work? How do I recover my GitHub account without making it less secure than it is with just a password?
The use of a “secure enclave” for any purpose is a bug at best, because secure enclaves aren’t just secure against your adversaries; they’re also secure against you. This is intolerable. All machines must obey their owner, and “secure enclaves” by design don’t.
205·10 months ago
Since when could young people afford to buy a house?