Swiped Tokens Expose Android Devices To Data Theft

Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

×

Swiped Tokens Expose Android Devices To Data Theft 162

Posted by CmdrTaco on Tuesday May 17, 2011 @12:07PM from the swipe-the-leg dept.

tsamsoniw writes "Researchers at the University of Ulm have found that eavesdroppers can intercept and use authentication tokens sent between Android apps and Google services via unsecured Wi-Fi. Those tokens, which aren't tied to specific devices or sessions, can be used to peek at and tweak a user's email, contacts, and calendar. Devices running Android 2.3.3 or earlier (which accounts for the vast majority of phones) are most vulnerable, but there are steps devs, Google, and users can take to reduce the risks."

This discussion has been archived. No new comments can be posted.

Swiped Tokens Expose Android Devices To Data Theft

Search 162 Comments Log In/Create an Account

Comments Filter:

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.