Google has taken swift action to release a fix for the Wi-Fi data leakage issue that has been reported over the last couple of days.
The problem seems to have been blown a bit out of proportion as usual, with scary headlines reading the likes of “Millions of android smartphones are vulnerable to hackers stealing users’ personal information.” Now, nobody likes the thought of their personal data being hijacked by hackers, but the likelihood of this happening/having happened to you is extremely low, even though it ‘could affect 99%’ of users.
The problem was first discovered by scientists at the University of Ulm in Germany, who “wanted to know if it is really possible to launch an impersonation attack against Google services”. The short answer to this is yes, although the researches did state that there is no evidence of the loophole that they have found having been exploited to date.
When this information was first released a couple of days ago, Google stated that it was already aware of the issue (which affects all versions of Android apart from 2.3.4) and it has already started rolling out a fix to the problem. The vulnerability to the Android OS can occur when a user is connected to an open WiFi connection, so the best thing to do if you are worried is to use a 3G/data connection until Google has fixed the problem completely.
It’s good to see Google has responded swiftly to the problem, although perhaps it would have been more responsible for the researchers to give Google the chance to fix the problem before making the information public. Saying that, the news wouldn’t have had so much impact if the problem had already been solved, and perhaps it’s not such a bad idea for the general public to be aware of the potential problems that can be caused by smartphones and their services?
I wonder if Facebook will be making a generous donation (or if it has already) to the University of Ulm to help with future research?