Linux Today: Linux News On Internet Time.

Android has a gaping network security hole

May 17, 2011, 22:02 (1 Talkback[s])

[ Thanks to sjvn for this link. ]

"A trio of German security researchers from the University of Ulm have looked into the question of whether it was possible to launch an impersonation attack against Google services and started our own analysis.

"The short answer is: Yes, it is possible, and it is quite easy to do so. Further, the attack is not limited to Google Calendar and Contacts, but is theoretically feasible with all Google services using the ClientLogin authentication protocol for access to its data APIs (application programming interface). In other words: We are so hosed."

Complete Story

Related Stories: