It was previously reported by German security researchers Bastian Könings, Jens Nickels, and Florian Schaub (University of Ulm) that 99.7% of Android phones were vulnerable to snooping and that their data (contacts, calendar) could be accessed by a 3rd party under specific circumstances. The reason was that some user login data stored on the phone was sent in clear text (unencrypted), which makes it possible for someone snooping WIFI network packets to intercept them.
Google has recognized that the vulnerability was indeed there, and that Android already had a security fix ready. While Google says that it is basically pushing to fix, it’s not clear when all handsets would be patched, and if wireless carriers need to approve the update.
In any case, the update should be transparent to Android users whenever it happens, hopefully today. Among the services potentially affected by the vulnerability: Google, Twitter & Facebook.
- 2014-04-24 ARM Expects 64-bit Android Devices By End Of The Year
- 2014-04-23 XCOM: Enemy Unknown Android Version Coming Soon
- 2014-04-23 OnePlus' Marketing Stunt Asks The Public To Smash The Past
- 2014-04-21 Leaked Android Dialer App Screenshot Shows Slight Makeover
- 2014-04-21 Apple And Google Reportedly Vying For Mobile Game Exclusives
- 2013-07-09 Google Releases Patch To Fix Android Vulnerability
- 2012-02-02 Google Bouncer to fight Android malware
- 2011-09-13 Intel Android phones in 2012
- 2011-08-08 Android Network Toolkit app turns anyone into a hacker
- 2011-04-19 Kaspersky thinks Android is not secure enough