Google Rolls Out Updates for Android Security Hole

May 19, 2011 -

Responding to reports that 99.7 percent of Android-based phones suffered from a security hole that made vital personal data vulnerable to hackers, Google has released an automatic fix to deal with the problem. Google is trying to assure users that no action is needed on their part.

"Today we're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," said Google in a statement. "This fix requires no action from users and will roll out globally over the next few days."

The flaw was identified by Ulm University (Germany) researchers who who tested the security hole on a number of smart phones using the Android operating system. They also found that some phones sent unencrypted data, which clever hackers could "eavesdrop" on with the right tools.

"We wanted to know if it is really possible to launch an impersonation attack against Google services and started our own analysis," said researchers Bastian Könings and Jens Nickels.

"The short answer is: Yes, it is possible, and it is quite easy to do so. Further, the attack is not limited to Google Calendar and Contacts, but is theoretically feasible with all Google services using the ClientLogin authentication protocol for access to its data APIs."

Source: GameIndustry.biz


Comments

Re: Google Rolls Out Updates for Android Security Hole

Good, quick turnaround.  That's what I like to see.  Being able to rapidly fix security holes is as important a skill as preventing them in the first place -- because sooner or later, you're going to need to know how to do both.

 
Forgot your password?
Username :
Password :

Poll

Will Code Avarice's Paranautical Activity make its way back onto Steam?:

Shout box

You're not permitted to post shouts.
Andrew EisenMarvel also shows it understands that once it leaks, it's out there and went ahead and officially released the trailer. https://www.youtube.com/watch?v=tmeOjFno6Do10/22/2014 - 9:36pm
E. Zachary KnightMarvel's response is the best.10/22/2014 - 9:31pm
Andrew EisenI'll be streaming some games tonight at 8p PST in preparation for Saturday's marathon. twitch.tv/andreweisen10/22/2014 - 9:30pm
Adam802http://www.cbsnews.com/news/3d-video-games-surprising-concern/10/22/2014 - 9:16pm
MaskedPixelanteI'm not sure how to feel about Ultron's mouth. I'm sure he has one in the comics, but this is getting dangerously close to Transformers "Optimus has a defined mouth and it looks super weird" territory for me.10/22/2014 - 8:49pm
Andrew EisenMarvel on the leaked Avengers 2 trailer: https://twitter.com/Marvel/status/52507165630662656010/22/2014 - 8:09pm
E. Zachary KnightI squeed like a little girl when I watched the leaked Avengers Age of Ultron trailer. So much awesome.10/22/2014 - 6:47pm
quiknkoldI have a problem with games that use a digit for sequals when clearly they can be called something else. Five Nights at Freddy's 2? Nonono. Its "Another Five Nights at Freddy's" or "Five Nights Week 2"10/22/2014 - 5:30pm
E. Zachary KnightExtra Credits has come out against GamerGate. https://www.facebook.com/ExtraCredits/posts/86104175727438610/22/2014 - 5:28pm
E. Zachary Knightis it really that hard to answer a question, that to me seems fairly straight forward? I ask, because I have asked a specific question now 3 times without an actual answer in the wastebook thread.10/22/2014 - 5:20pm
Andrew EisenFive Nights at Freddy's 2! Yay! https://www.youtube.com/watch?v=lVPONdZBh6s10/22/2014 - 5:07pm
Matthew Wilsonyou guys know he doesnt work for ea anymore?10/22/2014 - 5:02pm
WymorenceYou forgot having to open Unity through Origin too. :p10/22/2014 - 4:37pm
MaskedPixelanteUnity will now be licensed out half finished, with remaining tools to be sold back to you for 10-15 dollars a piece.10/22/2014 - 3:23pm
E. Zachary KnightNot a big fan of this news, but Unity3D's CEO is stepping down and John Riccitiello steps up. http://gamasutra.com/view/news/228384/Helgason_steps_down_as_Unity_CEO_and_John_Riccitiello_steps_up.php10/22/2014 - 3:06pm
MaskedPixelanteIt's probably extremism.10/22/2014 - 12:07pm
Matthew Wilsonthat being said, they are more likely to blame religious extremists than games.10/22/2014 - 12:01pm
Matthew Wilsonlets just hope they dont try to blame video games.10/22/2014 - 12:00pm
MaskedPixelanteOh joy, Ottawa's on lockdown, this is going to be a fun couple of days...10/22/2014 - 11:56am
MaskedPixelanteAnyone have any good text replacement scripts? I want one that can censor out Breitbart links.10/22/2014 - 11:35am
 

Be Heard - Contact Your Politician