Oddbean

▲ ▼

 Dude, where've you been... https://m.primal.net/Lrru.jpg

▲ ▼

 I have the old ones like yours but they have a vulnerability. Besides, I wanted usbc

▲ ▼

 Same. Moved to USB-C + NFC

▲ ▼

 Picked up 3 of them, with the covers.

▲ ▼

 I actually made a replica out of aluminum so that I could form hot Kydex over it to make snap on protective covers. Worked great, but when I switched to USB-C I didn't have the energy to make a new metal template. 

https://m.primal.net/MDWe.jpg https://m.primal.net/MDWg.jpg

▲ ▼

 Cool! I was wondering if they’d ever have some nice case for it or a flip cover. Would love a sleek design one

▲ ▼

 There's a bunch of 3D printable one on ThingiVerse

▲ ▼

 The vulnerability doesn’t make sense though.

Sure, someone can clone your YubiKey.
But they can also just tap to log into any website they want without cloning it if they stole it.

▲ ▼

 Not surreptitiously.

▲ ▼

 Does it reveal which websites they have keys for? I assumed that was the issue.

▲ ▼

 No. You can already do that without an attack if you use resident keys. (aka passkeys *without* a username)

This only means that someone with your PIN and extended access can clone it.

▲ ▼

 Did y'all read the vulnerability in detail? If you don't have access to near perfect lab conditions and incredibly expensive high-end equipment you cannot do this. In other work, this is a theoretical vulnerability for most. I  was able to switch to new Yubikeys, but transitioning my passkeys and other creds was a PITA.

▲ ▼

 I did