Android vulnerability exposes users to data theft

[Natey2]

"Using an Android device on unsecure Wi-Fi can expose your calendar, contacts, and other data to bad guys"

http://www.infoworld.com/t/mobile-security/android-vulnerability-exposes-users-data-theft-309

Also
http://www.informationweek.com/news/personal-tech/smart-phones/229500737


Sent from my unrooted DroidX using DroidForums app

 

[Backnblack]

Easy fix on that...Don't use'em....

 

[Sal R.]

My paranoia about public wifi networks has just been reinforced, yet again.

 

[FrellingFrakker]

"Using an Android device on unsecure Wi-Fi can expose your calendar, contacts, and other data to bad guys"

Android vulnerability exposes users to data theft | Mobile security - InfoWorld

Also
Android User Data Easily Stolen -- InformationWeek


Sent from my unrooted DroidX using DroidForums app

So can using your laptop, tablet or enter your phone type here, on unsecured wi-fi.

 

[CoFoltman84]

I don't get how they actually hack in though. is it a custom made app or just DOS commands to access our files?

 

[sonicfreak360]

Maybe firesheep? That's my only guess...

Sent from my Droid using Tapatalk

 

[CoFoltman84]

i really need to get up on my hacking. can you also put files onto someones phone? i think it would be great to hack into a friends phone and add a bunch of pictures haha

 

[AngryHatter]

Using unsecured WiFi is a threat to ANY device, not just your phone.
When I am in the airport I use no apps that require a PW.
Not doing your banking on a public WiFi is just common sense.

edit - I saw this a month ago. Proof of concept but not easy to swipe someones data - you need to be very close to the target. And if your phone is off, obviously it reads nothing.

 

[muscleheadbob]

what about people who use it with their work and sync calendars? Do the geniuses at Verizon or Google have a solution for putting our personal information at risk? I am not happy.

 

[cananot]

Ok I can understand about computers but smart phones? I assumed that smart phones didn't have an issue with that ? Cause can't figure out why companies sell virus protection for phones? ?

Sent from my DROIDX using DroidForums

 

[AngryHatter]

No this is an app where the guy can read your stuff, but he has to be with in 5 feet of you.

 

[cananot]

Oh ok I gotcha. So that would mean if they were near me then the Droid would pick that up since they would be going threw Bluetooth or wifi and Droid always makes a sound when something is trying to connect to it Wells how mine is set up. Dang hackers

Sent from my DROIDX using DroidForums

 

[mugsy77]

Android security flaw on 99.7% of phones

Just a heads up and figured Hacks would be appropriate for posting this...Not that we can do anything about it now, but I imagine OTA updates would cover it?

Seriously, Google? Android security flaw affects 99.7% of phones | VentureBeat

 

[muscleheadbob]

This happened when I had an HTC Dash and the wifi was on years ago. I was sitting in a bar and out of nowhere, a day later, the email i assoiated to the Dash was getting spammed and everyone in that addressbook. You would think a company the size of google would be able to use "hindsight". Any word of a patch while I prepare to permanently disable my wireless...

 

[Natey2]

So can using your laptop, tablet or enter your phone type here, on unsecured wi-fi.

It's not the unsecured WiFi network that is the main issue here... it is the Android ClientLogin using http instead of https by default.
Article says it was fixed in Android 2.3.4, so not a unsecured WiFi network issue here. But always better to operate over secure WiFi network (eg. WPA2) for additional level of security.

Sent from my unrooted DroidX using DroidForums app