 "Google’s Bluetooth Titan Security Keys are vulnerable to hijacks by attackers, to be replaced for free"){kind=logo}
Google has posted a technical advisory stating that its Titan Security Keys are vulnerable to attacks. The two-factor authentication device has a Bluetooth Low Energy (BLE) version that is affected by this vulnerability. Google is offering free replacements that will take care of the vulnerability. [caption id=“attachment_4168237” align=“alignnone” width=“1280”]  The Google logo is pictured atop an office building in Irvine, California, U.S. August 7, 2017. Image: Reuters[/caption] The other versions of the security keys aren’t affected since the bug only acts up during Bluetooth pairing. Google said in its blog that the vulnerability arises from a “misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols.” Any attacker within a range of 30 feet can possibly communicate with the key or the device with which the key has been paired. For those who want to verify whether their key is affected, turn over the key and look for ‘T1’ or ‘T2’ at the bottom. If it does have those tags then the key can be replaced for free. [caption id=“attachment_6643661” align=“alignnone” width=“1280”]  Google’s Titan Security Key.[/caption] Until the keys are replaced, Google has also posted a few extra suggestions. iOS users running version 12.2 should sign in into their Google account in a “private place where a potential attacker is not within close physical proximity.” Once the sign in is done, the key should be unpaired. After the iOS 12.3 update, the security key won’t work so you have to ensure that you don’t sign out of your account. For Android and other devices, Google advises the same measures of signing in at a private place and then immediately unpairing the key. After the June 2019 Security Patch Level (SPL) arrives, all the affected Bluetooth devices will be unpaired automatically. Google still stresses that using the affected Bluetooth Low Energy version of the Titan Security key is still safer to prevent phishing attacks than not using any at all.
The Bluetooth Low Energy version of the security key under question can be replaced for free
Advertisement
End of Article
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
](https://images.firstpost.com/wp-content/uploads/2017/10/Google-logo-Social.jpg){kind=link}
](https://images.firstpost.com/wp-content/uploads/2019/05/google-titan-security-key.jpg){kind=link}