Tuesday, May 17, 2011

Android Impersonation Attacks

If you use an Android device, you had better take some precautions, as 99% of the devices are vulnerable to impersonation attacks.

What does this mean? Well, it means that your device will try to connect to any known network, even if it's one cloned by an attacker, who is then able to sniff out your authorization tokens and, with that information, pretend to be you in a number of different services, like Google Calendar, Facebook and Twitter.

Google has already patched this flaw in the upcoming Android 2.3.4 (although they seem to have forgotten Picasa, which still suffers from it), but considering that 99% of the Androids out there are running older (and much older) versions, it becomes quite risky to use any WiFi connection outdoors.

