upvote

points

by nananana99 hours ago |
comments
upvoteby JambalayaJimbo6 hours ago|
next
[-]
What about Apple Wallet?

The reality is that there is software dependent on the user being unable to modify it. This safeguards the server against fraudulent users.

reply
upvoteby customguy2 hours ago|
parent|
[-]
Never trust user input. The users already can't modify the server.

And what actual applications did you have in mind that warrant throwing everybody under the bus? (by that I mean some applications (allegedly) need it, so it gets forced on everyone)

reply
upvoteby EtienneK5 hours ago|
prev|
[-]
Passkeys are better passwords. They need a TPM.
reply
upvoteby adev_5 hours ago|
parent|
next
[-]
> Passkeys are better passwords. They need a TPM.

Passkeys absolutely do not need TPM.

You can get passkey support in any browser with a simple 1password plugin without any TPM hardware.

The same way you could get a TOTP app on your phone without any TPM.

TPMs are just an extra security layer for most usages.

They are mainly a necessity for some shady business like DRMs.

reply
upvoteby loup-vaillant3 hours ago|
parent|
[-]
> Passkeys absolutely do not need TPM.

They do not, but how does the service you’re using know your passkey is secure? For all they know you’re just some gullible user that clicks through every fishing email you get. You’re dumb, weak, helpless, they gotta protect you from this scary world out there, and maybe yourself as well.

They can’t do that if they allow your passkey to be stored anywhere you control. KeepassXC? The second you type in your master password the keylogger will snatch it, and your entire database with it!

Okay, maybe you’re some hot shot cryptographer, you’re using a TKey (think Yubikey, except you have full control), and there’s no way your secret key leaves it even if your main computer is fully compromised. Well, the service doesn’t know that. All they see is your public key and a matching signature.

So, sorry Mr. Security Researcher, we’re gonna have to be safe, and require you to use approved hardware only. Too many (wo)men children out there must be protected, we have no way to tell you’re not one of them, so it’s remote attestation or you’re out. What’ online buying worth for anyway, when you can just cross the ocean?

---

Just so we’re clear, I agree with you here. But don’t forget there are two kinds of passkeys out there: with or without the evil remote attestation. And many companies will push for the remotely attested kind, using the exact argument I used above, except with a straight face.

Or they will just present a false dichotomy: remotely attested passkeys on the one hand, short easy to guess reused everywhere passwords on the other.

reply
upvoteby jcgl1 hours ago|
parent|
[-]
> For all they know you’re just some gullible user that clicks through every fishing email you get.

Passkeys are non-phishable. That's part of their schtick. I'm not a huge passkey fan myself, but this is a real benefit.

reply
upvoteby loup-vaillant1 minutes ago|
parent|
[-]
Yes, but that’s not the threat model I was alluding to. The threat model was, you get tricked into executing malware, that will steal your passkey (and your entire password database in fact), and log your master password as soon as you use it.

When the passkey is protected behind an HSM (TPM, Yubikey, Tkey…), even a compromise of your main computer can’t steal it. Attackers can still temporarily log in on your behalf, but they can’t do anything with your passkey as long as your computer is turned off. Which means you can un-pwn yourself out of this situation by reinstalling everything (but do keep your HSM!).

Overall, we have several levels of security here:

- Weak password, (potentially reused everywhere). Fished once, pwned everywhere. Not to mention password database leaks.

- Very strong unique password from your password vault (KeepassXC). Note that with automatic login, password managers may provide good phishing resistance. Manual copy pasta is still vulnerable, but at least you only compromise that one account.

- Passkey stored in your password database. Phishing proof as you say, but falls to a keylogger.

- Passkey sorted in a hardware security module. Can’t be stolen ever, save for a vulnerability in the HSM itself, or, if you haven’t set up a password for your HSM, theft.

Clearly that last option is the most secure. Clearly it would be nice if everyone could do that, though we do need a way to recover from the loss or destruction of the HSM (which in the case of the TPM may mean something as mundane as changing your graphics card). Yet often, other ways are more convenient.

Still, I strongly believe companies should not force people into one method or another. Okay, I could maybe tolerate passkeys being forced on me, but not the remote attestation part. Let me manage my own security, with my own tools (preferably open source), thank you very much. There is one use case for which I may approve of remote attestation: work accounts. Because at this point it’s not about the safety of the customer, it’s about the safety of the company itself. It makes sense then that the company (or government agency) impose whatever stringent restrictions on how to access their network. They do have to provide any required tool (company laptop, company palmtop, company dongle…), same way many companies are required to provide individual safety equipment to any of their employees working in hazardous environments.

reply
upvoteby vbezhenar3 hours ago|
parent|
prev|
[-]
Run vaultwarden locally. Install bitwarden. Now you have software-only implementation of passkey. Dig into vaultwarden sqlite database and you'll find passkey data there. Extract and save it on disk and you have exportable passkey. See, it's all security theater without remote attestation.

I had an idea to create blatantly insecure passkey browser extension. Maybe I should do that.

reply