Last year, Google launched the Titan security key. For those who are unfamiliar with the gadget, it is a security key that helps authenticate the user to whichever device it is plugged into or connected to. The idea is that by leaving it connected to a device like a computer, in theory, you would never need to have to enter a password again.
Google had previously boasted how its Titan security key used by its employees allowed them to avoid any kind of phishing attempts, but it seems that some Titan keys might not be as secure. In a post on Google’s Security Blog, the company announced that they will be recalling and replacing some of the Titan keys bought by some of their customers.
This is due to a Bluetooth vulnerability which would, in theory, allow a hacker to connect to the device. However, before you get too panicked, we should note that not all Titan keys are affected by this, and that it only affects Bluetooth pairing only. Also, as Google points out, the attack isn’t quite as easy to pull off and it would require the attacker to be in the same room as you and within 30 feet of the device.
The attack would also need to align a series of events in close coordination to pull it off, meaning that it isn’t quite as simple of an attack that some might be concerned about. Regardless, a flaw is still a flaw and as we said, Google will be sending out replacements to those who have been affected. To find out if your Titan key is affected and if it is eligible for a replacement, head on over to Google’s blog.
Filed in Google and Security. Source: security.googleblog
. Read more about