Computer Security

Yubikey vulnerability found, but don’t lose sleep over it. Nobody is going through all this effort to get into your GMail if you’re not a VIP.

https://www.schneier.com/blog/archives/2021/01/cloning-google-titan-2fa-keys.html

Also, it requires you to be separated from your yubikey for like 10 hours. Or having it swapped out for that amount of time. It’s a hell of a covert ops thing to do.