• Boozilla
    link
    291 year ago

    Good for you. When I say I won’t use stuff like this my friends and family mock me for being paranoid. It’s disturbing how quickly people will just do something because it seems cool and/or convenient.

    You can change your password if it gets compromised. You can’t change your bio-metrics. Once a digital version of your retina, fingerprint, palm print, whatever gets leaked…you’re screwed.

    I know they claim these things are locked away in HSM devices, but I don’t care. You’re trusting every single engineer, coder, tester, and mid-level manager with access to these things. It’s a long chain of trust in the typical “rush it out the door” corporate environment.

    Real security and QA are the last things on their minds when they develop this stuff.