Android breach affects 99% of Android devices

Google is releasing a patch to fix a security breach that affects 99% of Android devices.

The breach comes from connecting to unsecured Wi-Fi networks, over which an unwanted third party could access users' personal data stored in Calendar, Contacts and even Picasa pictures.

Basically, the ClientLogin authentication protocol that Android apps use to verify a user's identity is improperly implemented. The protocol keeps the authentication data (an authToken) obtained from ClientLogin for up to two weeks. That authToken is built from the user's username and password, and it is sent over unencrypted connections.

Hackers can then exploit this weakness to capture a user's authToken. With the authToken in hand, the hacker can access that user's Google Calendar and Contacts.

Google issued a fix by forcing its servers to use an encrypted, secure connection when Android phones sync with Calendar and Contacts. The fix is being rolled out now and will take a few days to reach everyone globally, because Google needs to update its own servers. Note that, for once, nothing needs to be done on the user side.
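To make the weakness and the fix concrete, here is an added example (not code from the article or from Google): a small detector that flags captured requests carrying a ClientLogin authToken over plain http://, alongside a client-side check that only attaches the token to an encrypted (HTTPS) request. The `Authorization: GoogleLogin auth=<authToken>` header is the documented ClientLogin format; the hosts, paths and token in the sample capture are constructed placeholders.

```python
import re
from urllib.parse import urlsplit

# ClientLogin clients present the authToken in this header
# (documented format: "Authorization: GoogleLogin auth=<authToken>").
GOOGLELOGIN_RE = re.compile(r"^Authorization:\s*GoogleLogin\s+auth=(\S+)\s*$",
                            re.IGNORECASE | re.MULTILINE)


def is_encrypted(url):
    """True only when the request would travel over TLS."""
    return urlsplit(url).scheme.lower() == "https"


def find_plaintext_authtokens(requests):
    """Detection: return (url, token_prefix) for every captured request that
    carries a ClientLogin authToken over an unencrypted http:// connection.
    `requests` is a list of (url, raw_header_block) pairs from a capture."""
    leaks = []
    for url, raw_headers in requests:
        match = GOOGLELOGIN_RE.search(raw_headers)
        if match and not is_encrypted(url):
            # Record only a prefix so the detector itself never logs a usable token.
            leaks.append((url, match.group(1)[:6] + "..."))
    return leaks


def attach_authtoken(url, headers, token):
    """Mitigation on the client side: attach the authToken only to HTTPS
    requests and fail closed otherwise, instead of sending it in the clear."""
    if not is_encrypted(url):
        raise ValueError("refusing to send ClientLogin authToken over " + url)
    return {**headers, "Authorization": "GoogleLogin auth=" + token}


# Constructed sample capture (hosts, paths and token are placeholders):
# the same cached token is reused on a plaintext sync and on an encrypted one.
SAMPLE_TOKEN = "DQAAconstructedExampleToken0123456789"
SAMPLE_REQUESTS = [
    ("http://calendar.example.test/feeds/default/private/full",
     "GET /feeds/default/private/full HTTP/1.1\r\nHost: calendar.example.test\r\n"
     "Authorization: GoogleLogin auth=" + SAMPLE_TOKEN + "\r\n"),
    ("https://contacts.example.test/feeds/contacts/default/full",
     "GET /feeds/contacts/default/full HTTP/1.1\r\nHost: contacts.example.test\r\n"
     "Authorization: GoogleLogin auth=" + SAMPLE_TOKEN + "\r\n"),
    ("http://news.example.test/", "GET / HTTP/1.1\r\nHost: news.example.test\r\n"),
]

if __name__ == "__main__":
    for url, prefix in find_plaintext_authtokens(SAMPLE_REQUESTS):
        print("plaintext authToken", prefix, "sent to", url)
```

Only the plaintext Calendar sync is reported; the HTTPS Contacts sync carrying the same token is not, which is exactly what Google's server-side change achieves.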

This breach is probably the biggest one on Android so far. It affects 99% of devices, since only devices running Android 2.3.4 Gingerbread or 3.0 Honeycomb are unaffected.

If you are running a version of Android earlier than 2.3.4 Gingerbread, it is best to be careful where you connect. Just to be safe, for the next few days, try not to connect to public Wi-Fi; you'll be thankful you didn't should anything happen.

The Android world is really a hard place to be. With malware coming from hackers and insecure apps being developed, any Android user should be extremely careful with their handset and venture only onto trusted sites.

Related links

The Insecurity of Google’s ClientLogin Protocol