99.7% of Android settlers warned to avoid public WiFi networks over data breach threat

“Owners of Android smartphones are being warned to avoid public WiFi networks after researchers found a security flaw that could affect the vast majority of devices based on Google’s software,” Tim Bradshaw reports for The Financial Times.

“A trio of researchers at Ulm University in Germany found that it was ‘quite easy’ for hackers to intercept data from Google’s photo-sharing, calendar and contacts applications, as well as potentially other Google services such as Gmail, using a flaw that affects 99 per cent of all Android devices,” Bradshaw reports. “In March, Google was forced to remove more than 50 rogue applications, which could have stolen data or sent costly messages, from tens of thousands of Android devices.”

Bradshaw reports, “Google said of the flaw: ‘We’re aware of this issue, have already fixed it for calendar and contacts in the latest versions of Android, and we’re working on fixing it in Picasa.’ However, according to the researchers, the flaw still affects devices running older versions of Android, which make up 99.7 percent of Google smartphones in use today.”

Read more in the full article here.

MacDailyNews Take: Drip, drip, drip…

Related articles:
99% of Android phones leak secret account credentials, other sensitive data – May 17, 2011
Starbucks exec: Android apps often ‘watered down’ – May 16, 2011
Fragmandroid: Netflix app spotlights Android AppLag, fragmentation crisis – May 14, 2011
Intermedia: Business professionals overwhelmingly choose Apple iPhone, iPad over Android phones, tablets – May 12, 2011
Apple’s two-year-old iPhone 3GS still outselling AT&T’s latest Android phones – May 10, 2011
NPD: Apple iPhone 4 for Verizon best-selling mobile phone in U.S.; causes Android to lose share for first time since Q209 – April 28, 2011


  1. You’re a few days late, and the inflammatory reporting, far beyond the scope of the actual issue, is hardly a surprise. For there to be ANY risk of data security being compromised takes a whole set of Doomsday Scenario circumstances – Google is pushing out the fix for Android users over the next few days, NOT requiring A2.3.4 – just a hotfix which I’m guessing will shorten the authToken lifespan or prevent autosync over open/unencrypted wifi or any number of solutions. Meanwhile, this “99%” headline, which isn’t even really relavent to the issue itself (it’s a statistic of how many iterations of Android phones already have 2.3.4, as though that is the only solution), which started with The Register, will continue to fly around for months. Haters Gonna Hate.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.