In yet another instance of devices betraying users' personal privacy, university researchers have found that most phones running Google's Android operating system are vulnerable to attacks, which let
adversaries steal "digital credentials" used to access calendars, contacts, and other sensitive data stored on the search giant's servers.
,br>
The findings from Germany's University of
Ulm build on previous findings from Rice University professor Dan Wallach, who in February uncovered similar Android privacy shortcomings. "Based on Google's own statistics ... more than 99 percent of
Android-based handsets are vulnerable to the attacks, which are similar in difficulty and effect to so-called sidejacking exploits that steal authentication cookies," The Register writes.
The attacks can only be carried out when Android-powered devices are using unsecured networks, such as those offered at Wi-Fi hotspots. A Google spokesman said the Android team is aware of the
issue and is working on a fix.
advertisement
advertisement
Read the whole story at The Register »