Google Rolls Out Updates for Android Security Hole

May 19, 2011

Responding to reports that 99.7 percent of Android-based phones suffered from a security hole that made vital personal data vulnerable to hackers, Google has released an automatic fix to deal with the problem. Google is trying to assure users that no action is needed on their part.

"Today we're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," said Google in a statement. "This fix requires no action from users and will roll out globally over the next few days."

The flaw was identified by Ulm University (Germany) researchers who who tested the security hole on a number of smart phones using the Android operating system. They also found that some phones sent unencrypted data, which clever hackers could "eavesdrop" on with the right tools.

"We wanted to know if it is really possible to launch an impersonation attack against Google services and started our own analysis," said researchers Bastian Könings and Jens Nickels.

"The short answer is: Yes, it is possible, and it is quite easy to do so. Further, the attack is not limited to Google Calendar and Contacts, but is theoretically feasible with all Google services using the ClientLogin authentication protocol for access to its data APIs."

Source: GameIndustry.biz

Comments

Re: Google Rolls Out Updates for Android Security Hole

Submitted by Thad on Sat, 05/21/2011 - 15:12.

Good, quick turnaround.  That's what I like to see.  Being able to rapidly fix security holes is as important a skill as preventing them in the first place -- because sooner or later, you're going to need to know how to do both.

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
ZippyDSMleeSomething I did by hand on my convertiable laptop, http://zippydsmlee.deviantart.com/art/Cotlop-zelda-unfinished-sketch-WIP-finish-373937163 forgot if I posted it befor.06/19/2013 - 7:44pm
ConsterAlso, I guess The War Z changed its name so they can scam some more people?06/19/2013 - 7:44pm
ConsterAE: when even HuffPo makes the same joke, it's not something you want to take credit for. :P06/19/2013 - 7:43pm
Andrew EisenHey look! The War Z changed its name to Infestation: Survivor Stories. http://infestationmmo.com/06/19/2013 - 7:23pm
Andrew EisenYou're going to have a lot of company in prison, RedMage. Most of the internet has stolen MY joke. Bastards!06/19/2013 - 7:06pm
RedMageThe cover art thing points to an industry trend of only wanting to appeal to teen boys despite the talk of "broadening the appealz"06/19/2013 - 6:17pm
RedMageI'd like to turn myself in for unintentional theft of a joke. Ignorance of the law is no excuse :o06/19/2013 - 6:17pm
Andrew EisenRemember the fight to get Last of Us's Ellie on the game cover? Check this out: http://cheezburger.com/758618624006/19/2013 - 6:12pm
Andrew EisenRedMage - Thief! You stole my joke! You're a horrible, loathesome person! Or you simply had the same idea and didn't read my earlier shout!06/19/2013 - 5:35pm
RedMageMaybe they're going to rename it the Xbox 18006/19/2013 - 5:26pm
IanCBet EA are pissed.06/19/2013 - 5:17pm
Andrew EisenAh, James is just a little quicker on the keyboard than I!06/19/2013 - 5:07pm
Craig R.Too little, too late.06/19/2013 - 4:52pm
DorthLousPWAHAHAHAH, the MS spinning sound woke me up :)06/19/2013 - 4:27pm
Andrew EisenMicrosoft's new console shall now be known as the Xbox One-Eighty.06/19/2013 - 4:17pm
Andrew EisenI imagine we were typing our respective shouts at the same time.06/19/2013 - 4:14pm
MaskedPixelanteSo Andrew... is there going to be a new poll now? I mean, the one about the XBO DRM is kinda no longer relevant.06/19/2013 - 4:13pm
Andrew EisenIn light of Xbox One's furious backpeddling on its DRM policies, I'm closing the poll for now. I'll probably write a new one later today or tomorrow.06/19/2013 - 4:11pm
IanCFound three people whining about this so far. Saying that its because of cheapasses and that its going to be horrible online now. W T and indeed F.06/19/2013 - 4:09pm
Andrew EisenTechnogeek - I agree but: "After a one-time system set-up with a new Xbox One, you can play any disc based game without ever connecting online again." Why do I need to connect online to set up a system I'm not going to use online?06/19/2013 - 4:07pm
All shouts
 

Be Heard - Contact Your Politician