Security News > 2020 > February > Google launches open-source security key project, OpenSK
Interested in using hardware security keys to log into online services more securely? Well, now you can make your own from scratch, thanks to an open-source project that Google announced last week.
Google has released an open-source implementation called OpenSK. It's a piece of firmware that you can install on a USB dongle of your own, turning it into a usable FIDO or U2F key.
As an open-source project, there are some caveats that make this more of a research project than an official alternative to manufactured security keys for board hackers.
While Google tested the firmware against CTAP 2.0, which is a protocol that's part of FIDO2 that enables digital keys to work with a browser, the FIDO Alliance hasn't certified OpenSK, which means it can't call the project FIDO Certified.
CrowdSupply successfully crowdfunded Somu, a tiny open-source security key that supported FIDO2.
News URL
https://nakedsecurity.sophos.com/2020/02/03/google-launches-open-source-security-key-project-opensk/
Related news
- Scout Suite: Open-source cloud security auditing tool (source)
- Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation (source)
- Google Chrome gets a mind of its own for some security fixes (source)
- CrowdSec: Open-source security solution offering crowdsourced protection (source)
- Paid open-source maintainers spend more time on security (source)
- Certainly: Open-source offensive security toolkit (source)
- Open source maintainers: Key to software health and security (source)