Android Vulnerability Exposes Users to Data Theft

Tuesday May 17th 2011 by Staff

If you use your smartphone on unsecured Wi-Fi, others could access your personal data.

InfoWorld: Researchers from Germany's University of Ulm have discovered an Android vulnerability that could put personal data at risk when users are connected to an unsecured Wi-Fi network. A quirk in the authTokens used to log in to Google Services means "[an] adversary can gain full access to the calendar, contacts information, or private web albums of the respective Google user," according to the researchers. "This means that the adversary can view, modify or delete any contacts, calendar events, or private pictures. This is not limited to items currently being synced but affects all items of that user."

Users can limit their vulnerability by upgrading to Android 2.3.4. The researchers also suggest steps that developers can take to make their apps more secure.

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved