https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3011
Sounds to me like the Google Titan is dead, only the Yubikey Neo, which Yubikey disclosed had a vulnerability in 2018 and took off the market, was affected.
@zack - did you actually read that paper?
The only Yubikey affected is the Neo, which was withdrawn years ago.
Current models are not impacted by this issue.
But I have to say, as clickbait your subject line was pretty good.
I’m guessing this was not intentional. @zack may not have realized “yubikey” is the name of a company rather than a generic name for these devices. Pretty much like Gillette is now a dictionary word for razor blade despite being the name of a company.
Fixed the title to avoid misleading users.
I own a Yubi so I guess I was a little defensive. I didn’t realize the brand name had become synonymous with hardware authentication key.