Swiped Tokens Expose Android Devices To Data Theft 162
tsamsoniw writes "Researchers at the University of Ulm have found that eavesdroppers can intercept and use authentication tokens sent between Android apps and Google services via unsecured Wi-Fi. Those tokens, which aren't tied to specific devices or sessions, can be used to peek at and tweak a user's email, contacts, and calendar. Devices running Android 2.3.3 or earlier (which accounts for the vast majority of phones) are most vulnerable, but there are steps devs, Google, and users can take to reduce the risks."
Swiped Tokens Expose Android Devices To Data Theft More Login
Swiped Tokens Expose Android Devices To Data Theft
Related Links Top of the: day, week, month.
Slashdot Top Deals