HSMs are Bullshit.
Simon Vans-Colina

I love YubiKeys and use them all the time both for work and at home. They are really good for what they are designed to do which is simple symmetric key generation and escrow and message digest signing. The consumer versions don’t really do much more. The YubiHSM is well suited to low transaction rate small server deployments and certificate/key generation but not much more.

Industrial HSMs, while pricy, are well suited for what they do:

— Ridiculously fast key generation, encryption and signing/validation with hardware acceleration.

— A ton of weird and arcane algorithms, curves, etc. (Fortezza and those weird Korean algos anyone??)

— Long key lengths, which are important if you want to escrow a long key (a 256-bit symmetric key needs a 16K RSA key to protect it or the exercise is pointless. Be prepared to wait a VERY long time for a 16K RSA key to be generated.).

— In-hardware crypto operations. Even with a YubiKey, openssl is doing all the crypto in software and is only escrowing the symmetric key in hardware. When a key is in memory it is open to attack.

— The ability to run secure code in the HSM. I’ve written a lot of that and it does have several edge case applications.

— yadayadayada

Anyway, they are not BS. They are good at what they do which is generally large scale industrial applications and low scale highly secure operations. Their cost is, however, only justified by the value of the assets you are trying to protect with them.

Response by DAve Mercer.