MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
security
Search

Google warns Bluetooth Titan security keys can be hijacked by nearby hackers

Wednesday May 15, 2019. 08:29 PM , from Ars Technica
Google warns Bluetooth Titan security keys can be hijacked by nearby hackers
Enlarge (credit: Google)
Google is warning that the Bluetooth Low Energy version of the Titan security key it sells for two-factor authentication can be hijacked by nearby attackers, and the company is advising users to get a free replacement device that fixes the vulnerability.
A misconfiguration in the key’s Bluetooth pairing protocols makes it possible for attackers within 30 feet to either communicate with the key or with the device it’s paired with, Google Cloud Product Manager Christiaan Brand wrote in a post published on Wednesday.
The Bluetooth-enabled devices are one variety of low-cost security keys that, as Ars reported in 2016, represent the single most effective way to prevent account takeovers for sites that support the protection. In addition to the account password entered by the user, the key provides secondary “cryptographic assertions” that are just about impossible for attackers to guess or phish. Security keys that use USB or Near Field Communication are unaffected.
Read 7 remaining paragraphs | Comments
https://arstechnica.com/?p=1505725

Related News

News copyright owned by their original publishers | Copyright © 2004 - 2019 Zicos / 440Network
Current Date
May, Wed 22 - 17:24 CEST