Connect with us

Internet

Google’s Bluetooth Titan Security Keys Have a Vulnerability, Free Replacement Offered

Published

on

Google released a security advisory on Monday that says a security bug exists in the company’s Bluetooth Titan Security Key. The flaw could potentially enable someone to gain access to a user’s account or device while remaining in close physical proximity. The tech giant claims this is a result of a ‘misconfiguration’ in the keys’ Bluetooth pairing protocols, however, the keys are still great at protecting users against phishing attacks.

Google will offer a free replacement key to all existing users. The issue is limited to the Titan Bluetooth keys which means if you’re using the Titan USB keys, you shouldn’t be worried. Google sells its Titan Bluetooth keys for $50 (roughly Rs. 3,500). To recall, Google’s Titan Security Keys for two-factor authentication had been launched in August last year.

The company further explained in its security advisory that an attacker will need to be within Bluetooth range (around 30 feet) to exploit the security flaw. The attacker can only make use of the misconfigured protocol when a user presses the button on the Titan Bluetooth key to activate it. This way they’ll be able to connect their device to the key before yours.

Since a user’s security key must be paired with their device before it can be used, an attacker could also exploit this by using their device and masking it as your security key. But for all this to be exploited, the attacker must also know your credentials.

Google maintains that its Titan Bluetooth keys still protect users against phishing attacks and that users can still use them until the company ships a free replacement. In its announcement, Google claims physical security keys still offer the strongest protection against phishing. Users with ‘T1’ or ‘T2’ on their Google Titan Key are eligible for a replacement.

The company which makes Google’s Titan Security Key, Feitian, has also issued a similar statement, disclosing the vulnerability as well as offering a free replacement for its users. The company also sells physical security keys under its own brand.

The vulnerability doesn’t affect the recent feature on Android phones that can be used as a physical security key, apart from Titan USB keys.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet

Cars That Celebrities Love But Aren't So Great

Published

on

Having a lot of money doesn’t necessarily mean you have flashy taste. These are some cars that celebrities love, but aren’t so great.

Continue Reading

Internet

This Hidden Samsung Galaxy Feature Will Automatically Optimize Your Phone's Performance

Published

on

Auto Optimization is a built-in tool on Samsung phones intended to optimize the phone’s processing and keep everything running smoothly.

Continue Reading

Internet

Here's How To Add New Fonts To Microsoft Word

Published

on

Whether you’re simply tired of the same old options or you need a special font for a project, you can add new fonts to Microsoft Word on Windows and Mac.

Continue Reading

Trending