Android security fix coming, no device update necessary
Google is already hard at work to fix the security hole that affects the security of Android apps that sync with servers on the Internet. They have found a way to fix the problem without having to update users’ devices, which is good since 99.7% of devices (all running Android 2.3.3 and below) were affected.
It’s a server-side fix – Google will make its servers switch to a secure channel when syncing users’ data. The fix should roll out to Google's servers over the next few days and affect every Android device.
The Contacts and Calendar apps were affected and this fix should make them secure. The Gallery app, which syncs online albums with Picasa, however is and will remain vulnerable after the fix (the Gallery app is developed by a third party). Google is looking into that but didn’t give a timeframe for fixing the Gallery hole.
It’s a good thing Google managed to find a solution that doesn’t require updating the Android devices themselves – that usually takes quite a while and some older devices aren’t being updated at all any more.
Reader comments
- maxwell
- 23 May 2011
- vxt
how sure are we that this issue is really fix?? I have'nt heard anyting in the news saying that the google company declaires this issue resolve hahahah i just want to make sure this is documented for the future.. so just in case this issue will arise...
- lonely
- 22 May 2011
- tu6
hey.. if they wont fix thats bugs so hack all the system with it or be hacked!!! but never-mind ios4 still the in the moment haha...
- Yani
- 21 May 2011
- 3pw
Ha I knew it! I was right! This is not an Android issue! It's an "open wifi" issue, but still... Google was at fault because he sent sensitive data unencrypted. And in previous article about "Android security hole" Talkie ...