When you’re trying to sign into an account on your device, you are normally asked to press the button on your BLE security key to activate it.In order for the misconfiguration to be exploited, an attacker would have to align a series of events in close coordination: Current users of Bluetooth Titan Security Keys should continue to use their existing keys while waiting for a replacement, since security keys provide the strongest protection against phishing.ĭue to a misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols, it is possible for an attacker who is physically close to you at the moment you use your security key - within approximately 30 feet - to (a) communicate with your security key, or (b) communicate with the device to which your key is paired. This bug affects Bluetooth pairing only, so non-Bluetooth security keys are not affected. and are providing users with the immediate steps they need to take to protect themselves and to receive a free replacement key. We’ve become aware of an issue that affects the Bluetooth Low Energy (BLE) version of the Titan Security Key available in the U.S. Posted by Christiaan Brand, Product Manager, Google Cloud
0 Comments
Leave a Reply. |