(This is a preview - click here to read the entire entry.)
(Photo: IntoMobile.com)
That's the conclusion reached by researchers at the University of Ulm, in Germany, who have found that any phones running a version of Android prior to 2.3.3 are vulnerable due to a weak ClientLogin authentication protocol.
Basically, any time an Android user signs into a service like Twitter, Facebook or a new Google account, the programming interface retrieves an authentication token that is sent in cleartext. Because the authToken can be used for up to 14 days in any subsequent requests on the service, the information is left wide open for thieves to steal.
Related Stats android news List Of Android Phones tmobile android phones 2010 Related Stats android permission Android Apps android logcat
Source: http://www.androidpit.com/en/android/blog/395301/99-of-Android-Phones-Vulnerable-to-Attack
No comments:
Post a Comment