It was previously reported by German security researchers Bastian Könings, Jens Nickels, and Florian Schaub (University of Ulm) that 99.7% of Android phones were vulnerable to snooping and that their data (contacts, calendar) could be accessed by a 3rd party under specific circumstances. The reason was that some user login data stored on the phone was sent in clear text (unencrypted), which makes it possible for someone snooping WIFI network packets to intercept them.
Google has recognized that the vulnerability was indeed there, and that Android already had a security fix ready. While Google says that it is basically pushing to fix, it’s not clear when all handsets would be patched, and if wireless carriers need to approve the update.
In any case, the update should be transparent to Android users whenever it happens, hopefully today. Among the services potentially affected by the vulnerability: Google, Twitter & Facebook.
- 2014-04-10: Age Of Empires: World Domination Greets iOS, Android And Windows Phone Platforms This Year
- 2014-04-10: Chrome Beta For Android Updated
- 2014-04-10: Google Expands Security Services For Android
- 2014-04-10: LG G Pad 8.3 Receives Android 4.4 KitKat Update In US And Europe
- 2014-04-10: Google's New Calendar App Gets A Visual Overhaul
- 2013-07-09: Google Releases Patch To Fix Android Vulnerability
- 2012-02-02: Google Bouncer to fight Android malware
- 2011-09-13: Intel Android phones in 2012
- 2011-08-08: Android Network Toolkit app turns anyone into a hacker
- 2011-04-19: Kaspersky thinks Android is not secure enough