Comment by jorvi
18 days ago
Again, that exploit factor is irrelevant now because WebUSB is blacklisted from accessing, among other things, HID class devices. So no site, even with permission, can access U2F devices over WebUSB. There is no special blacklist needed per vendor or anything.
You are right that it was a security hole in Chrome <67. Which is almost a decade in the past by now.
No comments yet
Contribute on Hacker News ↗