While trying to sign into an account on the device, a user is normally asked to press the button on their BLE security key to activate it.The two cases an attacker might use to exploit the security keys in the BLE are: With this, the attacker can easily communicate with a user’s security key or also communicate with the device to which the user’s key is paired. “Current users of Bluetooth Titan Security Keys should continue to use their existing keys while waiting for a replacement since security keys provide the strongest protection against phishing”, the official post reads.Īttackers can only gain access to a user’s device if they are within close proximity (approximately 30 feet) while the user is using the security key. However, the bug affects Bluetooth pairing only, so non-Bluetooth security keys are not affected. Google has provided users with quick actions to protect themselves against the attack and to gain a free replacement key. This issue is due to a misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols, which is currently affecting the BLE versions in the U.S. Today, Google announced a security bug in its Bluetooth Low Energy (BLE) Titan Security Keys.
0 Comments
Leave a Reply. |