Android Phones Have Security Flaw: Report

Google has fixed the problem, but most people haven't downloaded patch

By Kevin Spak

Posted May 17, 2011 2:20 PM CDT

Copied

Android Phones Have Major Security Flaw: Report — In this 2008 file photo, the T-Mobile G1 Android-powered phone, the first cell phone with the operating system designed by Google Inc., is shown in New York. (AP Photo/Mark Lennihan, file)

A group of university researchers has found a major security flaw that makes more than 99% of Android phones vulnerable to attacks from identity thieves. If users jump onto an unsecured public WiFi network, would-be thieves can swipe the authentication tokens used by Google Calendars and Contacts, the Register explains. That will give them access to all manner of their victims' personal data for two weeks.

“We wanted to know if it is really possible to launch an impersonation attack against Google services,” the researchers write. “The short answer is: Yes, it is possible, and it is quite easy to do so.” Even though Google has fixed the problem in Android version 2.3.4, an estimated 99% of Android phones remain vulnerable. Researchers say there’s a similar flaw with Picasa web albums, which Google is working on, but has not yet solved.

Read These Next

The Reiners murders and arrest have called attention to a 2015 film.
More details coming out about the last party the Reiners attended.
Rob Reiner's son has been arrested after murder of his parents.
Hero who disarmed Australia shooter might lose his arm.

Report an error