Yesterday we have written about the security flaw in the Android OS, 99 percent of the Android phones are vulnerable to attack over open Wi-Fi connection. In response with the research made by German Researchers, Google said “We are addressing the issue and will be rolling out a fix to Android phones starting today.”
A Google spokesman said “The fix requires no action from the users and will roll out globally over the next few days.”
What exactly the fix will do?
The fix forces all the Android devices to connect to Google Calendar and Contacts servers over https (secured http) so that someone snooping on an unprotected wireless connection won’t be able to grab authentication tokens used by the operating system to validate devices.
Reason of Flaw
The German study showed that the flaw occurs because Android phones store login information for services like Twitter, Facebook & Gmail for 14 days. This stored information is accessing to hackers over the same public Wi-Fi connection.
This security flaw is not applicable on Android 2.3.4 for smartphones and 3.0 for tablets. The fast and quick response by Google is appreciated.
We would like to recommend you, not to use internet over open wireless network until the fix is released.