Google Rolls Out Updates for Android Security Hole

May 19, 2011 -

Responding to reports that 99.7 percent of Android-based phones suffered from a security hole that made vital personal data vulnerable to hackers, Google has released an automatic fix to deal with the problem. Google is trying to assure users that no action is needed on their part.

"Today we're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," said Google in a statement. "This fix requires no action from users and will roll out globally over the next few days."

The flaw was identified by Ulm University (Germany) researchers who who tested the security hole on a number of smart phones using the Android operating system. They also found that some phones sent unencrypted data, which clever hackers could "eavesdrop" on with the right tools.

"We wanted to know if it is really possible to launch an impersonation attack against Google services and started our own analysis," said researchers Bastian Könings and Jens Nickels.

"The short answer is: Yes, it is possible, and it is quite easy to do so. Further, the attack is not limited to Google Calendar and Contacts, but is theoretically feasible with all Google services using the ClientLogin authentication protocol for access to its data APIs."

Source: GameIndustry.biz


Comments

Re: Google Rolls Out Updates for Android Security Hole

Good, quick turnaround.  That's what I like to see.  Being able to rapidly fix security holes is as important a skill as preventing them in the first place -- because sooner or later, you're going to need to know how to do both.

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
Andrew EisenFant4stic. Ugh, their doing the "replace a letter with a number" thing. I hate that. Does anyone think that's cool or attractive? Anyone at all?01/27/2015 - 1:56pm
IvresseEh, trailer's still better than all the Fantastic Four movies combined, tbh...01/27/2015 - 12:45pm
Matthew WilsonIt will never happen, but I wish fox would sell the rights back to disney.01/27/2015 - 11:05am
E. Zachary KnightWell, they went with whimsical and carefree for the first two and they bombed, so now they have swung the pendulum all the way in the other direction hoping it works.01/27/2015 - 11:01am
Andrew EisenIt's like Fox is trying to scare us off.01/27/2015 - 10:57am
Andrew EisenMaybe I'm just a curmudgeon but this is so amazingly the wrong tone for the Fantastic Four. https://www.youtube.com/watch?v=e-BVs-KCSiA01/27/2015 - 10:53am
ConsterSince the ads are in the USA, you're technically correct. Personally, though, I feel the same way as you but in the opposite order: while the ads were legal and the defacing isn't, I really appreciate the sentiment.01/27/2015 - 8:21am
MechaTama31I appreciate the sentiment of the Ms Marvel thing, but defacing *is* still defacing, and free speech is a license to spread hate, if that's really what you want to do with it.01/27/2015 - 7:42am
ConsterAm I the only one imagining the Deep Silver spokesperson making scare quotes Dr Evil style while saying 'incorrectly classified'?01/27/2015 - 7:22am
Michael Chandrahttp://www.telecompaper.com/news/kpn-vodafone-fined-for-net-neutrality-violations--106167501/27/2015 - 5:10am
Michael ChandraThe other for allowing people to watch HBO through an app without being charged for the data-traffic, which was steering customers in their internet behaviour. Both of them against the Net Neutrality Law. 01/27/2015 - 5:10am
Michael ChandraYay, two dutch telephone companies got fined. :) One for blocking selective traffic at their free wifi-hotspots (internetcalling amongst others, prolly Skype and such).01/27/2015 - 5:09am
Andrew EisenHow many people do you think will return their copy for a censored version of the game? My money is on zero.01/27/2015 - 12:47am
Goth_Skunk@Cheater: If I were an Australian consumer, there's no way I'd be returning it.01/26/2015 - 10:43pm
Cheater87Ooops http://stevivor.com/2015/01/ps4-copies-saints-row-iv-re-elected-undergoing-product-recall-australia/01/26/2015 - 10:13pm
Andrew EisenOkay, well I've passed the request along.01/26/2015 - 9:03pm
ZippyDSMleeI loath itunes..........01/26/2015 - 9:02pm
Goth_SkunkUNLESS you haven't downloaded the most 3 recent episodes. Then it cancels your subscription automatically.01/26/2015 - 8:56pm
Goth_Skunk@AE: No. iTunes instead just downloads it automatically, provided you've set it up to do so in your preferences.01/26/2015 - 8:56pm
Andrew EisenAnyone know if iTunes sends email notifications when there's a new episode of a podcast you're subscribed to?01/26/2015 - 8:30pm
 

Be Heard - Contact Your Politician