Connect with us

Internet

Google’s Bluetooth Titan Security Keys Have a Vulnerability, Free Replacement Offered

Published

on

Google released a security advisory on Monday that says a security bug exists in the company’s Bluetooth Titan Security Key. The flaw could potentially enable someone to gain access to a user’s account or device while remaining in close physical proximity. The tech giant claims this is a result of a ‘misconfiguration’ in the keys’ Bluetooth pairing protocols, however, the keys are still great at protecting users against phishing attacks.

Google will offer a free replacement key to all existing users. The issue is limited to the Titan Bluetooth keys which means if you’re using the Titan USB keys, you shouldn’t be worried. Google sells its Titan Bluetooth keys for $50 (roughly Rs. 3,500). To recall, Google’s Titan Security Keys for two-factor authentication had been launched in August last year.

The company further explained in its security advisory that an attacker will need to be within Bluetooth range (around 30 feet) to exploit the security flaw. The attacker can only make use of the misconfigured protocol when a user presses the button on the Titan Bluetooth key to activate it. This way they’ll be able to connect their device to the key before yours.

Since a user’s security key must be paired with their device before it can be used, an attacker could also exploit this by using their device and masking it as your security key. But for all this to be exploited, the attacker must also know your credentials.

Google maintains that its Titan Bluetooth keys still protect users against phishing attacks and that users can still use them until the company ships a free replacement. In its announcement, Google claims physical security keys still offer the strongest protection against phishing. Users with ‘T1’ or ‘T2’ on their Google Titan Key are eligible for a replacement.

The company which makes Google’s Titan Security Key, Feitian, has also issued a similar statement, disclosing the vulnerability as well as offering a free replacement for its users. The company also sells physical security keys under its own brand.

The vulnerability doesn’t affect the recent feature on Android phones that can be used as a physical security key, apart from Titan USB keys.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet

SpaceX Starlink beta test will continue into next year

Published

on

SpaceX recently announced that it would continue beta testing its Starlink broadband Internet service into 2021. The announcement highlights a delay as the service was previously planned to roll out in 2020. It’s unclear exactly when, in 2021, the service will exit beta. As close as we have to a date at this point comes from a SpaceX engineer named … Continue reading

Continue Reading

Internet

Spotify is testing Stories video feature with some major artists

Published

on

Spotify is the latest platform to introduce a Stories feature, though it appears to only be available to a select number of big musical artists at this time. Spotify Stories first made an appearance earlier this year with the official name Storyline, one that was intended to let artists share stories-like content with fans. The company has confirmed this latest … Continue reading

Continue Reading

Internet

YouTube for Android TV can stream in 8K for only a few

Published

on

It seems like only yesterday when the market finally caught up with 2K and now TV makers and content publishers are already pushing 8K everywhere they can. It’s definitely going to take a lot of time before that even becomes as prevalent as 4K, especially considering the limitations when it comes to the availability of hardware and content. One such … Continue reading

Continue Reading

Trending