Google Rolls Out Updates for Android Security Hole

May 19, 2011 -

Responding to reports that 99.7 percent of Android-based phones suffered from a security hole that made vital personal data vulnerable to hackers, Google has released an automatic fix to deal with the problem. Google is trying to assure users that no action is needed on their part.

"Today we're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," said Google in a statement. "This fix requires no action from users and will roll out globally over the next few days."

The flaw was identified by Ulm University (Germany) researchers who who tested the security hole on a number of smart phones using the Android operating system. They also found that some phones sent unencrypted data, which clever hackers could "eavesdrop" on with the right tools.

"We wanted to know if it is really possible to launch an impersonation attack against Google services and started our own analysis," said researchers Bastian Könings and Jens Nickels.

"The short answer is: Yes, it is possible, and it is quite easy to do so. Further, the attack is not limited to Google Calendar and Contacts, but is theoretically feasible with all Google services using the ClientLogin authentication protocol for access to its data APIs."

Source: GameIndustry.biz


Comments

Re: Google Rolls Out Updates for Android Security Hole

Good, quick turnaround.  That's what I like to see.  Being able to rapidly fix security holes is as important a skill as preventing them in the first place -- because sooner or later, you're going to need to know how to do both.

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
E. Zachary KnightIs that a discussion about RIAA member music labels?07/29/2014 - 10:48am
MaskedPixelantehttp://steamcommunity.com/app/251150/discussions/0/43099722329318860/ In this thread: Idiots who don't understand how licensing works.07/29/2014 - 9:20am
MaskedPixelantehttp://www.joystiq.com/2014/07/28/gaymerx-in-dire-straits-after-nis-america-allegedly-backs-out-of/ NISA backs out of GaymerX support, but it seems like the only people crying foul are GaymerX.07/29/2014 - 6:30am
Papa MidnightIt's not bad so far, but I am honestly not sure what to make of it (or where it's going for that matter)07/28/2014 - 9:44pm
Matthew Wilsonis it any good?07/28/2014 - 9:36pm
Papa Midnight"Love Child" on HBO -- anyone else watching this?07/28/2014 - 9:27pm
MaskedPixelanteNah, I'm fine purple monkey dishwasher.07/28/2014 - 4:05pm
Sleaker@MP - I hope you didn't suffer a loss of your mental faculties attempting that.07/28/2014 - 3:48pm
MaskedPixelanteOK, so my brief research looking at GameFAQs forums (protip, don't do that if you wish to keep your sanity intact.), the 3DS doesn't have the power to run anything more powerful than the NES/GBC/GG AND run the 3DS system in the background.07/28/2014 - 11:01am
ZenMatthew, the 3DS already has GBA games in the form of the ambassador tittles. And I an just as curious about them not releasing them on there like they did the NES ones. I do like them on the Wii U as well, but seems weird. And where are the N64 games?07/28/2014 - 10:40am
james_fudgeNo. They already cut the price. Unless they release a new version that has a higher price point.07/28/2014 - 10:19am
E. Zachary KnightMatthew, It most likely is. The question is whether Nintendo wants to do it.07/28/2014 - 10:12am
Matthew WilsonI am sure the 3ds im more then powerful enough to emulate a GBA game.07/28/2014 - 9:54am
Sleaker@IanC - while the processor is effectively the same or very similar, the issue is how they setup the peripheral hardware. It would probably require creating some kind of emulation for the 3DS to handle interfacing with the audio and input methods for GBA07/28/2014 - 9:30am
Sleaker@EZK - hmmm, that makes sense. I could have sworn I had played GB/GBC games on it too though (emud of course)07/28/2014 - 9:23am
E. Zachary KnightSleaker, the DS has a built in GBA chipset in the system. That is why it played GBA games. The GBA had a seperate chipset for GB and GBColor games. The DS did not have that GB/GBC chipset and that is why the DS could not play GB and GBC games.07/28/2014 - 7:25am
IanCI dont think Nintendo ever gave reason why GBA games a reason why GBA games aren't on the 3DS eshop. The 3DS uses chips that are backwards compatable with the GBA ob GBA processor, after all.07/28/2014 - 6:46am
Sleakerhmmm that's odd I could play GBA games natively in my original DS.07/28/2014 - 1:39am
Matthew Wilsonbasically "we do not want to put these games on a system more then 10 people own" just joking07/27/2014 - 8:13pm
MaskedPixelanteSomething, something, the 3DS can't properly emulate GBA games and it was a massive struggle to get the ambassador games running properly.07/27/2014 - 8:06pm
 

Be Heard - Contact Your Politician