
Security Advisory 2019-06-13 – Reduced initial randomness on FIPS keys - digitalnalogika
https://www.yubico.com/support/security-advisories/ysa-2019-02/
======
londons_explore
Rather worrying for a device whose entire purpose is to generate and store
keys...

Also especially worrying considering a deliberately 'bad' random number
generator is almost the perfect way to subvert a device, since true random is
inprovable

~~~
andbberger
meh this specifically pertains to the 2-factor feature, and if your 2nd factor
is a secret you have gone very somewhere.

