It’s been reported that nearly all smartphones which run Google’s Android operating system could potentially be hacked, particularly when connected to an unencrypted WiFi network. From research carried out by technology experts at the University of Ulm, hackers can easily break into an Android smartphone, and gather login details for Google applications such as Google Docs and Calendar. In short all Google accounts.
What’s even more worrying is there is a freely available ‘sniffer program’ which hackers can use to gain access to a person’s device. They don’t have to physically hold the handset either as everything can be done over the air.
Speaking with the Daily Telegraph, one of research team members said: “…the adversary can gain full access to the calendar, contacts information, or private web albums of the respective Google user.” The expert added: “This means that the adversary can view, modify, or delete any contacts, calendar events, or private pictures. This is not limited to items currently being synced but affects all items of that user.”
Also worrying is the fact that while users are sent an encrypted file called an Authentication Token, which is basically vulnerable data such as passwords etc, researchers have found these tokens are sent to a smartphone in the form of a text file. This means anyone can read them.
Google is aware of the problem, and has now included a patch it its latest update for Android, namely version 2.3.4. Nevertheless, for those using an Android smartphone it is something that should be of concern, particularly since mobile phones are not automatically updated.