Google Titan Vulnerability

Google Titan Vulnerability

Dennis Snider

263 Posts




Google has issued a warning that the BLE iteration of its Titan security key, used for two-factor authentication, is open to hijacking from hackers in its immediate vicinity. The key has a misconfiguration in its Bluetooth pairing protocol which allows a hacker within 30 feet to access the key or the device it’s connected to. The company has issued a free of charge replacement that solves the problem.

Security keys are the best way of preventing hackers accessing sites that offer this level of protection; the user not only has to enter their password but allow the website to access the key which provides encrypted information that is virtually impossible to hack. While keys employing Near Field Communication or USB connections are still safe, a hacker in the vicinity could activate their own BLE security key when a victim attempts to login; if the hacker already possesses the victim’s username and password they could then take over the device.

The vulnerable devices are ones with either T1 or T2 written on the back; those who have these devices should apply to Google for free replacement. However, Google advises that despite the threat these devices still provide the best possible security available and that they can still be used while waiting for a replacement. It is recommended that the vulnerable keys should only be used in private with no potential attacker within 30 feet and that the security key should be unpaired as soon as the user is logged in.

Next month Android will be releasing an update that will unpair Bluetooth security keys once the user is logged in automatically, however, the latest iOS 12.3 will refuse to work with compromised security keys, and so Google users who have logged out will not be able to log back in until they receive a new key. Best advice in this case would be to remain logged in to your account or to use an authenticator app as backup or your main form of authentication.

The unfortunate incident has provoked criticism from many who have long held that it is inappropriate to use Bluetooth for security devices, due to their vulnerabilities. Apple and the security key maker Yubico do not support BLE security keys for this reason.

8 thoughts on “Google Titan Vulnerability

  1. Millie

    Good article. I will be experiencing a few of these issues
    as well..

    Also visit my site; best web hosting sites

    August 10, 2020 at 4:16 pm Reply
  2. Jasmin

    Nice answer back in return of this matter with solid arguments and
    explaining the whole thing about that.

    Look at my web-site … web hosting providers

    August 11, 2020 at 2:26 am Reply
  3. Alexander

    Undeniably imagine that that you stated. Your favorite reason appeared to be on the internet the simplest thing to
    understand of. I say to you, I definitely get irked
    whilst other folks think about issues that they
    plainly do not recognize about. You controlled to hit the nail upon the highest and also outlined out the whole thing with no need
    side effect , people could take a signal.
    Will probably be again to get more. Thanks

    My website … best web hosting company

    August 13, 2020 at 6:10 pm Reply
  4. Petra

    Great web site you have here.. It’s hard to find excellent writing
    like yours nowadays. I honestly appreciate individuals
    like you! Take care!!

    Here is my homepage; webhosting

    August 14, 2020 at 3:07 am Reply
  5. Raymon

    Wonderful beat ! I would like to apprentice while you amend your website, how could i subscribe
    for a blog site? The account helped me a acceptable deal.
    I had been a little bit acquainted of this your broadcast provided bright clear idea cheap flights y2yxvvfw

    August 25, 2020 at 12:05 am Reply
  6. Hayley

    hello there and thank you for your info – I’ve certainly picked up something new from right here.
    I did however expertise some technical points using this site, since I
    experienced to reload the website lots of times previous to I could get it to
    load properly. I had been wondering if your hosting is OK?
    Not that I am complaining, but slow loading instances times will very frequently affect your placement in google and can damage your high-quality score if advertising and marketing with Adwords.
    Anyway I’m adding this RSS to my e-mail and could look
    out for much more of your respective interesting content.
    Make sure you update this again soon. 3gqLYTc cheap flights

    August 26, 2020 at 7:28 am Reply
  7. Twila

    Undeniably believe that which you said. Your favourite
    reason appeared to be at the internet the simplest factor to understand of.
    I say to you, I definitely get irked whilst folks think about concerns that they plainly do not realize about.
    You managed to hit the nail upon the highest
    and outlined out the entire thing with no need side-effects , people could take
    a signal. Will likely be back to get more. Thank you

    Stop by my page – cheap flights

    August 26, 2020 at 7:25 pm Reply
  8. Kandi

    Having read this I believed it was extremely informative.
    I appreciate you spending some time and energy to
    put this content together. I once again find myself personally spending a lot of time both reading and posting comments.
    But so what, it was still worth it!

    Visit my website :: black mass

    August 28, 2020 at 10:20 am Reply

Leave a Reply

Your email address will not be published. Required fields are marked *