It was previously reported by German security researchers Bastian Könings, Jens Nickels, and Florian Schaub (University of Ulm) that 99.7% of Android phones were vulnerable to snooping and that their data (contacts, calendar) could be accessed by a 3rd party under specific circumstances. The reason was that some user login data stored on the phone was sent in clear text (unencrypted), which makes it possible for someone snooping WIFI network packets to intercept them.
Google has recognized that the vulnerability was indeed there, and that Android already had a security fix ready. While Google says that it is basically pushing to fix, it’s not clear when all handsets would be patched, and if wireless carriers need to approve the update.
In any case, the update should be transparent to Android users whenever it happens, hopefully today. Among the services potentially affected by the vulnerability: Google, Twitter & Facebook.
Filed in Android, Google, Hacking, Security and Smartphones.
. Read more about