A team of German researchers have discovered a major flaw in the Google Android operating system. Most Android powered phones have a serious security issue which makes them vulnerable if they are connected to a Wi-Fi network.
The team of German researcher released a new report today that says that 99.7% of all Android powered smartphones currently suffer with the flaw. The latest version of Android which is 2.3.4 and Honeycomb which can be found on Android tablets are safe as the issue has been fixed, however if you are still running 2.2.1 which is also known as Froyo then your calendar and contact information is at risk.
Attacks can be carried out on your Android Froyo phone if it is connected to an unprotected Wi-Fi network or hotspot by an attacker that is looking for an authentication token which is used by Android devices when the phone is communicating with Google services.
One of the researchers said that launching an attack is very easy and all information found in your calendar, contacts, and Picassa web albums is vulnerable, and that theoretically all Google services could be attack or snooped on. Once the attacker has gained access to your smartphone they could access, and change the data. One possible scenario would be an attacker changing your contacts stored email address, which could possibly mean you sending sensitive information to the wrong person.
What you should do
If there ever a time for Google to force their hand over carriers, and their release schedules for updates to Android devices, the time is now. As it stands it could take weeks, or possibly even months for your carrier to send out the required update to Android 2.3.4 which is also known as Gingerbread.
If you are currently using Android 2.2 you should make sure that automatic synchronization is switched off when you connect to unprotected networks, and if possible, you should avoid using open, unprotected networks completely while using Google apps.
Hopefully Google, and all the major carriers will act upon this information quickly so that loss of personal data can be ket to an absolute minimum. With there being so many network attacks here lately, you cannot help but wonder just how safe our valuable data is in the digital age. We put our trust in these companies yet time and time again they let us down. Lets hope they get this exploit fixed quickly.
cnet, Android Phones Vulnerable to Snooping, by Elinor Mills