Episode 245 - Analyzing US government's official privacy tutorial
Added 2024-12-24 14:19:01 +0000 UTCCISA's official privacy tutorials makes many interesting points - are they correct?
Source: https://www.cisa.gov/sites/default/files/2024-12/guidance-mobile-communications-best-practices.pdf
Comments
Yes I like many of their products, new ones too. They also reselll GrapheneOS phones and Linux laptops with QubesOS
The Hated One
2024-12-31 01:22:24 +0000 UTCThe rather old Nitrokey Pro 2/Nitrokey Storage 2 and new Nitrokey Passkey are good products. Glad Nitrokey has competition in this space though.
RICH
2024-12-30 22:34:32 +0000 UTCI agree. I like Nitrokey a lot. It's also open source and open hardware if I recall correctly.
The Hated One
2024-12-28 00:56:45 +0000 UTCGot it, thanks!
Hasty Pastry
2024-12-26 21:22:24 +0000 UTCOpen source implementation of FIDO: https://solokeys.com/collections/all/products/solo-2a-security-key-built-with-trussed%C2%AE (I don't trust Yubico...yes I have good reason to base the distrust)
RICH
2024-12-26 18:21:21 +0000 UTCYou can get a USB C Fido security key with builtin NFC support. You'll have the plugin option to fallback if NFC doesn't work. Pluging in always worked for me. And yes I enroll all fido backups for all accounts that allow multiple keys. Google and Tuta support more than three Fido keys from what I tested.
The Hated One
2024-12-25 16:14:47 +0000 UTCJust trying to figure out a game plan whenever I get a chance to enroll with hardware keys myself
Hasty Pastry
2024-12-25 09:03:13 +0000 UTCI'm guessing some have NFC to make it easier for mobile. Do you enroll your backup on every account you have fido enrolled (and allows 2 keys)?
Hasty Pastry
2024-12-25 09:00:03 +0000 UTCYou can use the same fido key for all devices. It's per account, not per device. So the same eky will authenticate both mobile and PC. Did I answer your question? I have multiple fido keys but only forbackup
The Hated One
2024-12-24 21:53:13 +0000 UTCDid you do a video on FIDO? I'm confused as to what the flow is for authenticating on multiple devices. E.g. during the day on PC, or on mobile. Do you use multiple hardware keys? Do you add both your primary and backup to each account?
Hasty Pastry
2024-12-24 21:46:26 +0000 UTCNote on proton: you can also compromise with a 2nd password for Pass (i.e. no need for another account)
Hasty Pastry
2024-12-24 21:40:49 +0000 UTC
