Printed from http://www.electronista.com

Google pushes remote fix for Android authentication exploit

updated 01:50 pm EDT, Wed May 18, 2011

Google to fix Android authentication on own end

Google in a statement Wednesday said it planned to remotely fix an Android authentication hole in the near future. A remote change to how apps authenticate themselves should deploy worldwide over the course of the "next few days." Google stressed that users wouldn't need to update Android devices for the upgrade to work.

The exploit took advantage of Google sending an authentication token for both its own apps and some third-party titles without any encryption for 14 days. Proof-of-concept demos from the University of Ulm showed that it could get calendar and contact information from Google's own apps as well as any app that used the same method.

Only Android 2.3.4 devices and later have the gap patched locally. The lack of immediate answers had raised fears that most of the platform's user base would be left permanently exposed to the flaw due to rampant fragmentation preventing many from getting even minor security updates.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, it's not exactly something most people put a lot of thought into. Printers are often touted as f ...

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...

Epson PowerLite Home Cinema 3500 projector

Trying to find the perfect projector for a home theater can be tricky, as there are bountiful options on the market from a large numbe ...

Advertisement

toggle

Most Commented

 
toggle

Popular News