AfterDawn: Tech news

Google to fix Android security flaw

Written by Andre Yoskowitz @ 18 May 2011 2:38 User comments (2)

Google to fix Android security flaw Google has announced today that it is currently fixing an Android security flaw that was brought to the public's attention last week by German researchers.
The group explained on Friday that some Google account authentication tokens were apparently being sent OTA unencrypted, leaving users with their data freely available if they were on public Wi-Fi.

Hackers using simple software could steal account info for Google Calendar, Contacts and Picasa accounts.

Users with Android 2.3.4 are free of the issue, but 98.4 percent of Android devices run Android 2.3.3 or lower, making the fix useless for the vast majority.

Google has begun rolling out the server-side patch this week for Android 1.5 - 2.3.3, and it will be completed by the end of the week.

Says Google, via CW:

Today we're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts. This fix requires no action from users and will roll out globally over the next few days.

Previous Next  

2 user comments

118.5.2011 23:19

Thats what I like about google, they are quick to react and get this exploit fixed.

219.5.2011 12:03

Originally posted by biglo30:
Thats what I like about google, they are quick to react and get this exploit fixed.


What????..............and Microsoft isn't???????

C'mon, it only took MS 10 years to figure out that security breaches need to be fixed.

Comments have been disabled for this article.

News archive