Hacker News new | past | comments | ask | show | jobs | submit login

> This sounds like something that creates a chicken-and-egg problem of there not already being any such DTLS-speaking USB devices...

Or only allow completely unauthenticated devices as a fallback when there is no other available authenticated device.

A computer not having any keyboard is a rare case. Most of the time you have what is built-in (and should be authenticated) or what came with the computer (and should be authenticated).

Allowing unauthenticated keyboards only on detection of no authenticated ones probably covers 99.9% of all use cases and increases security dramatically.




Aren’t we trying to prevent an attacker with physical access? They could simply unplug everything first.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: