Google Works to Make Android Less Vulnerable to Wi-Fi Snooping
Google said on Wednesday that it is changing the way its Android services work to ensure that calendar and contact information isn’t vulnerable to snooping when a user connects to an open Wi-Fi network.
“Today we’re starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts,” Google said in a statement. “This fix requires no action from users and will roll out globally over the next few days.”
The security issue, which stems from the way Android had been sending authentication tokens, had been highlighted in a recent paper by researchers at a German university.
Google had already addressed the issue in the most recent versions of Android–Gingerbread and Honeycomb–but the vast majority of phones are running older versions of the operating system.
The company is still looking at how to address a similar issue with regard to its Picasa photo service.