A group of scientists from the University of Ulm (located in the southern part of Germany) has found some serious security flaws in Android OS. According to the scientists, these security holes can pose a real threat to the personal data of about 97 percent users of the platform.
Because of this security flaw, attackers can access the personal data (calendars, photos, contacts and so on) of users without their permission, because when you access your Google account via an encrypted connection, your smartphone receives a special entry, which is stored for two weeks and gives access to the phone and its services without the need for additional identification. Attackers can access this entry when you are working in unencrypted Wi-Fi networks.
“It is quite easy,” the scientists wrote in a blog post. “The implications of this vulnerability reach from disclosure to loss of personal information.”
This problem is present in the devices running Android 2.3.3 and below, so the advice given by the German researchers is quite logical – you have to update your device’s OS and to be careful when connecting to unencrypted Wi-Fi networks.
Anyway, Google already knows about the issue and says it will be fixed in the upcoming update of the platform. But the problem is that only 3 percent of Android users have the latest versions of the OS, so the spokesman for Google said those who use the older versions of Android will get a patch with a fix very soon.