Groups Similar Look up By Text Browse About



Similar articles
Article Id Title Prob Score Similar Compare
135366 TECHCRUNCH 2019-5-15:
Google discloses security bug in its Bluetooth Titan Security Keys, offers free replacement
1.000 Find similar Compare side-by-side
135421 THEVERGE 2019-5-15:
Google is replacing Bluetooth Titan Security Keys because of a vulnerability
0.993 0.806 Find similar Compare side-by-side
135610 THENEXTWEB 2019-5-16:
Google’s Titan Security Keys can be hijacked remotely, replace yours now
0.870 0.791 Find similar Compare side-by-side
135313 ENGADGET 2019-5-15:
Google recalls some Titan security keys after finding Bluetooth vulnerability
0.983 0.784 Find similar Compare side-by-side
135460 VENTUREBEAT 2019-5-15:
Google uncovers Bluetooth vulnerability in Titan Security Key
0.948 0.770 Find similar Compare side-by-side
135388 ARSTECHNICA 2019-5-15:
Google warns Bluetooth Titan security keys can be hijacked by nearby hackers
0.984 0.688 Find similar Compare side-by-side
135818 ENGADGET 2019-5-18:
Google stats show how much a recovery number prevents phishing
0.497 Find similar Compare side-by-side
135522 TECHREPUBLIC 2019-5-16:
MDS vulnerabilities lead Chrome OS 74 to disable hyper-threading
0.346 Find similar Compare side-by-side
135163 THENEXTWEB 2019-5-14:
No, end-to-end encryption isn’t a marketing gimmick
0.345 Find similar Compare side-by-side
135584 TECHCRUNCH 2019-5-16:
Openfinance opens up US trading of third-party digital assets
0.335 Find similar Compare side-by-side
135177 TECHCRUNCH 2019-5-14:
Google makes travel planning easier
0.314 Find similar Compare side-by-side
134964 TECHCRUNCH 2019-5-13:
WhatsApp exploit let attackers install government-grade spyware on phones
0.296 Find similar Compare side-by-side
135613 VENTUREBEAT 2019-5-16:
Openfinance To Become First Digital Security Platform To Allow U.S. Investors to Trade Third-Party Digital Assets on Secondary Market
0.292 Find similar Compare side-by-side
135295 TECHCRUNCH 2019-5-14:
Apple, Amazon, Google, Microsoft and Mozilla release patches for ZombieLoad chip flaws
0.288 Find similar Compare side-by-side
135199 THENEXTWEB 2019-5-14:
PSA: Update WhatsApp now to prevent spyware from being installed on your phone
0.285 Find similar Compare side-by-side
135673 ARSTECHNICA 2019-5-17:
Guidemaster: Ars picks the best wireless keyboards you can buy in 2019
0.283 Find similar Compare side-by-side
135737 THEVERGE 2019-5-17:
Protecting your computer against Intel’s latest security flaw is easy, unless it isn’t
0.281 Find similar Compare side-by-side
135239 THEVERGE 2019-5-14:
Google agrees to pay owners of faulty Pixel phones up to $500
0.281 Find similar Compare side-by-side
135118 THEVERGE 2019-5-14:
ZombieLoad attack lets hackers steal data from Intel chips
0.280 Find similar Compare side-by-side
135225 THENEXTWEB 2019-5-14:
The WhatsApp hack proves security should trump consumer choice
0.280 Find similar Compare side-by-side
135209 THEVERGE 2019-5-14:
Facebook reenables ‘View as Public’ feature following 2018 security issue
0.280 Find similar Compare side-by-side
135596 ENGADGET 2019-5-16:
Google's how-to videos explain Assistant's accessibility features
0.275 Find similar Compare side-by-side
135197 VENTUREBEAT 2019-5-14:
Respond Software raises $20 million for ‘decision bots’ that emulate human security analysts
0.273 Find similar Compare side-by-side
135152 THENEXTWEB 2019-5-14:
BitDefender researchers discover terrifying security vulnerability in Intel CPUs
0.272 Find similar Compare side-by-side
135416 THENEXTWEB 2019-5-15:
Get ready to see more shopping ads on Google Search, Images and YouTube
0.272 Find similar Compare side-by-side

1

ID: 135366

URL: https://techcrunch.com/2019/05/15/google-recalls-its-bluetooth-titan-security-keys-because-of-a-security-bug/

Date: 2019-05-15

Google discloses security bug in its Bluetooth Titan Security Keys, offers free replacement

Google today disclosed a security bug in its Bluetooth Titan Security Key that could allow an attacker in close physical proximity to circumvent the security the key is supposed to provide. The company says the bug is due to a misconfiguration in the Titan Security Keys Bluetooth pairing protocols and that even the faulty keys still protect against phishing attacks. Still, the company is providing a free replacement key to all existing users. The bug affects all Titan Bluetooth keys, which sell for $50 in a package that also includes a standard USB/NFC key, that have a T1 or T2 on the back. To exploit the bug, an attacker would have to be within Bluetooth range (about 30 feet) and act swiftly as you press the button on the key to activate it. The attacker can then use the misconfigured protocol to connect their own device to the key before your own device connects. With that — and assuming that they already have your username and password — they could sign into your account. Google also notes that before you can use your key, it has to be paired to your device. An attacker could also potentially exploit this bug by using their own device and masquerading it as your security key to connect to your device when you press the button on the key. By doing this, the attacker can then change their device to look like a keyboard or mouse and remote control your laptop, for example. All of this has to happen at the exact right time, though, and the attacker must already know your credentials. A persistent attacker could make that work, though. Google argues that this issue doesnt affect the Titan keys main mission, which is to guard against phishing attacks, and argues that users should continue to use the keys until they get a replacement. It is much safer to use the affected key instead of no key at all. Security keys are the strongest protection against phishing currently available, the company writes in todays announcement. The company also offers a few tips for mitigating the potential security issues here. Some of Googles competitors in the security key space, including Yubico, decided against using Bluetooth because of potential security issues and criticized Google for launching a Bluetooth key. While Yubico previously initiated development of a BLE security key, and contributed to the BLE U2F standards work, we decided not to launch the product as it does not meet our standards for security, usability and durability, Yubico founder Stina Ehrensvärd wrote when Google launched its Titan keys. Google takes on Yubico and builds its own hardware security keys