Google recalls some Titan security keys after discovering a Bluetooth vulnerability



[ad_1]

Titan security keys do not all have the bug, which, according to Google, is due to a bad configuration in the Bluetooth key pairing protocols. Only the Bluetooth Low Energy (BLE) model of the Titan security keys contains the bug. If your Titan security key has a "T1" or a "T2" on the back, it means that the security problem exists and that it is possible to replace it with Google.

But even if your Titan security key has the bug, do not stop using it while you are waiting for a replacement. Google warns that even a key with a security problem is safer than not using it at all. Just take extra precautions, such as using your security key away from other people and unlinking it immediately after logging into your Google Account. Google offers more specific instructions for iOS and Android devices, which you can read here.

The large number of security vulnerabilities seen in recent years on Bluetooth enabled devices has raised questions about the security of the technology. YubiCo, Google's competitor in the field of security keys, criticized Google for launching a Bluetooth-enabled security key. "BLE does not provide NFC and USB security assurance levels, and requires batteries and a pairing providing a poor user experience," the company wrote in a blog post last year.

But according to Lauren Weinstein of People for Internet Responsibility, the threats to Titan's security keys seem rather small. He added that using the Bluetooth security key for two-factor authentication is much safer than turning it off completely or relying on SMS authentication. "(… Titan's security bug) needs to be corrected, of course, and Google does this by offering free replacement keys, but for most users, it's unlikely that it's going to happen." act of a problem in practice, "said Weinstein in an Engadget message.

[ad_2]

Source link