Google Rolls Out Updates for Android Security Hole

May 19, 2011 -

Responding to reports that 99.7 percent of Android-based phones suffered from a security hole that made vital personal data vulnerable to hackers, Google has released an automatic fix to deal with the problem. Google is trying to assure users that no action is needed on their part.

"Today we're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," said Google in a statement. "This fix requires no action from users and will roll out globally over the next few days."

The flaw was identified by Ulm University (Germany) researchers who who tested the security hole on a number of smart phones using the Android operating system. They also found that some phones sent unencrypted data, which clever hackers could "eavesdrop" on with the right tools.

"We wanted to know if it is really possible to launch an impersonation attack against Google services and started our own analysis," said researchers Bastian Könings and Jens Nickels.

"The short answer is: Yes, it is possible, and it is quite easy to do so. Further, the attack is not limited to Google Calendar and Contacts, but is theoretically feasible with all Google services using the ClientLogin authentication protocol for access to its data APIs."

Source: GameIndustry.biz


Comments

Re: Google Rolls Out Updates for Android Security Hole

Good, quick turnaround.  That's what I like to see.  Being able to rapidly fix security holes is as important a skill as preventing them in the first place -- because sooner or later, you're going to need to know how to do both.

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
ZippyDSMleeRyan Rardin:I already own the game I will wait till the PS4 can paly PSX/ps2 games. Really wish they would make a shrt run of 700$ all in one PSX console.....save me a ton of shelf space!04/18/2015 - 5:45pm
PHX Corphttp://www.extremetech.com/computing/203654-leaked-sony-emails-show-mpaas-opposition-to-fair-use-confirms-users-are-viewed-as-thieves Leaked Sony emails show MPAA’s opposition to fair use, confirms users are viewed as thieves04/18/2015 - 10:49am
prh99I'd happily run DBAN on all their servers and back up with a 7 pass wipe.04/18/2015 - 1:07am
Matthew Wilsonmetaphorically speaking of course04/17/2015 - 9:40pm
Matthew Wilsonhttps://soundcloud.com/totalbiscuit/brevity-is-the-soul-of-twit I agree with TB twiter is not good for anything more their links. twiter is a toxic wasteland, and I wish I can nuke it from orbit.04/17/2015 - 9:38pm
MechaCrashI can understand why Sony wants the Pokemon and Smash movie rights, but it's not hard to see why Nintendo wouldn't want to sell to them. Kinda their competitors in the console arena.04/17/2015 - 8:01pm
PHX Corp@MW We won't know until the nintendo General Shareholders meeting if the leaks(From Sony Pictures) is true or not04/17/2015 - 7:55pm
MechaCrashIn GG news: they got kicked out of Calgary Expo for getting a booth under false pretenses and disrupting panels. http://www.themarysue.com/calgary-expo-gamergate-evicted/ How long before they get thrown under the No True Scotsman bus?04/17/2015 - 7:53pm
MechaTama31EZK: Because what if I want to see that website I was looking at a while ago? Well, just keep scanning through my tabs til I see it! There's an aspect of archaeology to it, too. "Oh yeah, I was looking up how to build my own pizza oven. Good times..."04/17/2015 - 6:52pm
Matthew Wilsondo it in the art style of those trailers, and I am on board.04/17/2015 - 5:24pm
PHX Corphttp://mynintendonews.com/2015/04/17/sony-were-apparently-trying-to-get-the-rights-to-a-pokemon-and-super-smash-bros-movie/ Sony Were Apparently Trying To Get The Rights To A Pokemon And Super Smash Bros Movie04/17/2015 - 4:14pm
E. Zachary KnightCan't wait to see the new digs on Saturday.04/17/2015 - 1:41pm
Andrew EisenBy the by, I moved this week so if I dropped a comment thread or two, my apologies for leaving you hanging.04/17/2015 - 12:22pm
Andrew EisenIf I were going to buy Mortal Kombat X, I'd wait for the inevitable Game of the Year edition that includes all the DLC for an overall cheaper price.04/17/2015 - 12:22pm
PHX CorpMortal Kombat X: On Disc DLC Confirmed Read more at http://gamingbolt.com/mortal-kombat-x-on-disc-dlc-confirmed04/17/2015 - 12:17pm
james_fudgeme04/17/2015 - 8:37am
Ryan RardinWho else would like to see The Misadventures of Tron Bonne on PlayStation Classics?04/17/2015 - 2:21am
ZippyDSMleeso I can save my bookmarks and nuke it with a ree install put my bookmarks back reget all my plugins and I am good to go04/17/2015 - 2:15am
ZippyDSMleeMechaTama31: I run 70 tabs and use a suspend plugin to suspend them. i have a folder in my bookmarks that have all my pluings in it04/17/2015 - 2:14am
E. Zachary KnightOnly one question: Why?04/16/2015 - 10:16pm
 

Be Heard - Contact Your Politician