Report: Majority of Android devices were vulnerable to hacking

Thursday, 19th May 2011 00:49 GMT By Brenna Hillier

German researchers have claimed that 99.7 percent of Androids were host to a major security flaw, although Google has refuted the figure.

Edge reports a team from Ulm University claims Google’s ClientLogin API was open to hackers until a recent update.

By using a method similar to cookie theft, it was apparently “quite easy” to snag entry to Android users’ Google services, with privileges to view, modify, and delete. Contacts, calendar and Picasa all seem to have been vulnerable.

Google responded to Edge’s request for more information by confirming the exploit’s existence, but said it had it under control.

“We’re aware of this issue, have already fixed it for calendar and contacts in the latest versions of Android, and we’re working on fixing it in Picasa.”

The representative also told Edge that the research team’s figures are inflated, as the exploit only works in “highly specific” situations.

Thanks, Gamasutra.



  1. xiaojiekbf

    ( )

    ( )

    #1 4 years ago
  2. TheWulf

    That’s hardly surprising, really.

    Google’s security, whilst not anywhere near as bad as what Sony considers security to be, is something of a joke. I remember when Gmail was an open door, had no encryption at all, and eventually Google stepped up to that with a very nonchalant “Oh, we’d better fix that.” attitude.

    Really, Gmail at one point was completely open, it would’ve been fairly easy to steal information for those inclined enough to do so.

    Android has an exploit? Not surprised.

    #2 4 years ago

Comments are now closed on this article.