Google says it's fixed authentication loophole in Android

Friday, May 20, 2011

Related Articles

May 21, 2012 - Demand for BYOD rises as businesses look to better serve customers

May 21, 2012 - Cloud and mobility services can help SMBs

May 18, 2012 - Tips for dealing with employee mobile devices

Contact Us

Phone: +1 (720) 475-4000
Toll Free: +1 (877) 803-9629
Email: info@virtela.net

The news that researchers from the University of Ulm in Germany had discovered a vulnerability affecting 99 percent of Android-powered smartphones was "rippling through security circles" earlier this week, according to Network World writer Paul McNamara.

However, Google acted quickly to repair the problem, pushing a fix out globally just a day later, he said.

The German researchers said that the vulnerability could have theoretically affected access to all Google services by taking advantage of security holes in the company's Calendar and Contacts apps. The basic idea for the attack, they noted, had been thought up weeks earlier by Dan Wallach, who first noticed that Calendar transmits some data in the clear, rather than using encryption.

Experts say that the case is further evidence that smartphone users - particularly those who send and receive important business data using the devices - need to use VPN services to ensure their information reaches only the intended recipient. Data transmitted in the clear, particularly over open-access public Wi-Fi networks, cannot be considered secure.