Google Rolls Out Updates for Android Security Hole

May 19, 2011 -

Responding to reports that 99.7 percent of Android-based phones suffered from a security hole that made vital personal data vulnerable to hackers, Google has released an automatic fix to deal with the problem. Google is trying to assure users that no action is needed on their part.

"Today we're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," said Google in a statement. "This fix requires no action from users and will roll out globally over the next few days."

The flaw was identified by Ulm University (Germany) researchers who who tested the security hole on a number of smart phones using the Android operating system. They also found that some phones sent unencrypted data, which clever hackers could "eavesdrop" on with the right tools.

"We wanted to know if it is really possible to launch an impersonation attack against Google services and started our own analysis," said researchers Bastian Könings and Jens Nickels.

"The short answer is: Yes, it is possible, and it is quite easy to do so. Further, the attack is not limited to Google Calendar and Contacts, but is theoretically feasible with all Google services using the ClientLogin authentication protocol for access to its data APIs."

Source: GameIndustry.biz


Comments

Re: Google Rolls Out Updates for Android Security Hole

Good, quick turnaround.  That's what I like to see.  Being able to rapidly fix security holes is as important a skill as preventing them in the first place -- because sooner or later, you're going to need to know how to do both.

 
Forgot your password?
Username :
Password :

Poll

Which group is more ethically challenged?:

Shout box

You're not permitted to post shouts.
InfophileI know the ZE series was in the red in Japan, but international series boosted it to profitability. That may not mean it's more profitable in the west, but it does mean ZE3 wouldn't exist without the western market.07/04/2015 - 7:54am
Consterwhy aren't "Video game players" an option on the poll? :P07/04/2015 - 5:19am
Andrew EisenThat was quick! Pretty accurate cosplay of the new Ghostbuster uniform and proton pack: https://twitter.com/mirabellemusing/status/61673135125394227207/03/2015 - 6:23pm
Matthew Wilson@mast I dont know, but I do know it got a cult fallowing here.07/03/2015 - 6:22pm
MastermuneWasn't the Zero Escape series more popular here than in Japan?07/03/2015 - 6:19pm
Matthew Wilson@mast given the game was revealed in the US, I wouldnt be shocked if it was released at the same time.07/03/2015 - 6:15pm
MastermuneI don't trust the big AAA worldwide simultaneous releases though.07/03/2015 - 5:57pm
Mastermune@Infophile I have come to the conclusion that smaller games like zero escape, JRPG's and the like are actually worth preordering sinc they are limited quantities and since they usually release in japan first we know if there are any issues.07/03/2015 - 5:56pm
Infophile@Matthew! Awesome news. I'd preorder on that shout alone if I didn't have a policy against preordering anymore.07/03/2015 - 5:16pm
Matthew Wilsonzero escape 3 was announced today.07/03/2015 - 4:21pm
Matthew Wilson@pnx I am guessing a ddoss since that is what happened to neogaf, but sony needs to do a investment in psn as a whole. steam is still the most reliable and fastest digital platform I use.07/03/2015 - 3:06pm
PHX Corphttp://www.vg247.com/2015/07/03/psn-is-down-sony-investigating/ not again: PSN is down, Sony investigating07/03/2015 - 3:04pm
Matthew Wilsonhttp://www.vg247.com/2015/07/03/digital-extremes-trespasser-keystone-pc/ if true, this is funny and embarrassing for Digital Extremes. companies need too have better security.07/03/2015 - 2:57pm
Matthew Wilsonhttp://www.gamespot.com/videos/the-point-destiny-the-hardcore-gamers-slot-machine/2300-6425852/ this is very good, and well researched.07/03/2015 - 12:41pm
InfophileOther features to become standard: The ability to remap controls however the hell I want. Quicksave at any time (especially for handheld and mobile games). Plus everything Andrew said07/03/2015 - 10:43am
InfophileRegion-freeing becomes tricky for games with a strong online component though, especially when the servers are run by different branches in different regions.07/03/2015 - 10:41am
InfophileI'm in favor of getting rid of region-locking for any purchased games. I can understand an exception for free, ad-supported games, as many ads are only relevant in certain regions, and it's a ridiculous hassle to get ads for all regions.07/03/2015 - 10:40am
PHX Corphttp://kotaku.com/payday-2-has-been-broken-on-xbox-one-for-three-weeks-1715384186 Payday 2 Has Been Broken On Xbox One For Three Weeks07/03/2015 - 8:44am
Matthew Wilsonhttps://www.reddit.com/r/OutOfTheLoop/comments/3bxduw/why_was_riama_along_with_a_number_of_other_large/ here is a more complete acount of whats going on.07/03/2015 - 1:32am
Matthew Wilsonredit is on fire right now. most subreddits have been set to private.07/03/2015 - 1:24am
 

Be Heard - Contact Your Politician