Google Rolls Out Updates for Android Security Hole

May 19, 2011 -

Responding to reports that 99.7 percent of Android-based phones suffered from a security hole that made vital personal data vulnerable to hackers, Google has released an automatic fix to deal with the problem. Google is trying to assure users that no action is needed on their part.

"Today we're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," said Google in a statement. "This fix requires no action from users and will roll out globally over the next few days."

The flaw was identified by Ulm University (Germany) researchers who who tested the security hole on a number of smart phones using the Android operating system. They also found that some phones sent unencrypted data, which clever hackers could "eavesdrop" on with the right tools.

"We wanted to know if it is really possible to launch an impersonation attack against Google services and started our own analysis," said researchers Bastian Könings and Jens Nickels.

"The short answer is: Yes, it is possible, and it is quite easy to do so. Further, the attack is not limited to Google Calendar and Contacts, but is theoretically feasible with all Google services using the ClientLogin authentication protocol for access to its data APIs."

Source: GameIndustry.biz


Comments

Re: Google Rolls Out Updates for Android Security Hole

Good, quick turnaround.  That's what I like to see.  Being able to rapidly fix security holes is as important a skill as preventing them in the first place -- because sooner or later, you're going to need to know how to do both.

 
Forgot your password?
Username :
Password :

Poll

Is King right? Should all games adopt the free-to-play model?:

Shout box

You're not permitted to post shouts.
MaskedPixelanteNumber 3: Night Dive was brought to the attention of the public by a massive game recovery, and yet most of their released catalogue consists of games that other people did the hard work of getting re-released.04/17/2014 - 8:46pm
MaskedPixelanteNumber 2: If Humongous Entertainment wanted their stuff on Steam, why didn't they talk to their parent company, which does have a number of games published on Steam?04/17/2014 - 8:45pm
MaskedPixelanteNumber 1: When Night Dive spent the better part of a year teasing the return of true classics, having their big content dump be edutainment is kind of a kick in the stomach.04/17/2014 - 8:44pm
Matthew Wilsonhttp://www.giantbomb.com/articles/jeff-gerstmann-heads-to-new-york-takes-questions/1100-4900/ He talks about the future games press and the games industry. It is worth your time even though it is a bit long, and stay for the QA. There are some good QA04/17/2014 - 5:28pm
IanCErm so they shouldn't sell edutainment at all? Why?04/17/2014 - 4:42pm
MaskedPixelanteNot that linkable, go onto Steam and there's stuff like Pajama Sam on the front-page, courtesy of Night Dive.04/17/2014 - 4:13pm
Andrew EisenOkay, again, please, please, PLEASE get in a habit of linking to whatever you're talking about.04/17/2014 - 4:05pm
MaskedPixelanteAnother round of Night Dive teasing and promising turns out to be stupid edutainment games. Thanks for wasting all our time, guys. See you never.04/17/2014 - 3:44pm
Matthew WilsonAgain the consequences were not only foreseeable, but very likely. anyone who understood supply demand curvs knew that was going to happen. SF has been a econ/trade hub for the last hundred years.04/17/2014 - 2:45pm
Andrew EisenMixedPixelante - Would you like to expand on that?04/17/2014 - 2:43pm
MaskedPixelanteWell, I am officially done with Night Dive Studios. Unless they can bring something worthwhile back, I'm never buying another game from them.04/17/2014 - 2:29pm
PHX Corphttp://www.msnbc.com/ronan-farrow/watch/video-games-continue-to-break-the-mold-229561923638 Ronan Farrow Daily on Video games breaking the mold04/17/2014 - 2:13pm
NeenekoAh yes, because by building something nice they were just asking for people to come push them out. Consequences are protested all the time when other people are implementing them.04/17/2014 - 2:06pm
Matthew Wilsonok than they should not protest when the consequences of that choice occur.04/17/2014 - 1:06pm
NeenekoIf people want tall buildings, plenty of other cities with them. Part of freedom and markets is communities deciding what they do and do not want built in their collective space.04/17/2014 - 12:55pm
Sora-ChanI realize that they have ways getting around it, but one reason might be due to earthquakes.04/17/2014 - 4:42am
Matthew WilsonSF is a tech/ economic/ trade center it should be mostly tail building. this whole problem is because of the lack of tail buildings. How would having tail apartment buildings destroy SF? having tail buildings has not runed other cities around the US/world04/16/2014 - 10:51pm
Matthew WilsonAgain the issue is you can not build upwards anywhere in SF at the moment, and no you would not. You would bring prices to where they should have been before the market distortion. those prices are not economic or socially healthy.04/16/2014 - 10:46pm
ZippyDSMleeYou still wind up pushing people out of the non high rise aeras but tis least damage you can do all things considered.04/16/2014 - 10:26pm
ZippyDSMleeANd by mindlessly building upward you make it like every place else hurting property prices,ect,ect. You'll have to slowly segment the region into aeras where you will never build upward then alow some aeras to build upward.04/16/2014 - 10:25pm
 

Be Heard - Contact Your Politician