Android phones face public WiFi security threat
18 May, 2011 18:30
Users of Google’s Android based smartphones are being warned to avoid using public WiFi networks due to a data security issue which could allow hackers access to immense personal data.
Researchers at Ulm University in Germany discovered a flaw in the software could allow hackers easy access to user contacts, emails, photos, calendar details and more over unsecured public WiFi networks. The group said as many as 99 percent of smartphone users may be affected. Android is presently the most popular smartphone operating system in the world. The flaw affects those running versions of Android OS prior to the current Android 2.3.4 version. The version currently in circulation already corrected the security flaw. “The implications of this vulnerability reach from disclosure to loss of personal information for the Calendar data,” said Ulm researchers, noting that the security flaw would allow hackers not only to see your information, but alter it as well. A hacker could delete a scheduled appointment, or schedule a meeting on your behalf. They could also change email addresses for contacts or remove them all together.“Beyond the mere stealing of such information, an adversary could perform subtle changes without the user noticing. For example, an adversary could change the stored e-mail address of the victim’s boss or business partners hoping to receive sensitive or confidential material pertaining to their business,” the researchers noted. Google acknowledged the flaw existed, but also clarified that they had all ready corrected it, with the exception of correcting access to Picasa – Google’s photo service. Researchers emphasized that while Google corrected the problem, those who are still using older versions of Android could be affected. Essentially, Android users need to upgrade their phones with the newest OS by downloading it. “All platforms are vulnerable to hackers, particularly at the beginning of their lives, but the openness and popularity of Android means that it is especially at risk. Sadly, many operators don’t provide the necessary updates, leaving their users vulnerable to critical flaws like this one,” Omri Sigelman, vice-president of AVG Mobilation told FT. In the mean time the easiest solution for Android users is to avoid unsecured WiFi networks.