Over the last few days there has been some talk regarding another security issue in Google’s Android OS. Apparently there is a problem where 3rd party’s could potentially access and snoop around in a users Calander, and Contacts. From what we are hearing this is a security loophole that is causing some snooping while a user is operating on a Wifi network. Google quickly mentioned this has been fixed in Android 2.3.4 and above but all earlier versions need the fix, that is like 99% of Android phones.
The security flaw stems from the way Android sends authentication tokens over a wireless network, and they have quickly fixed the issue and your Calander and Contacts should all be safe. According to allthingsdigital Google has said the following:
“Today we’re starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts,” Google said in a statement. “This fix requires no action from users and will roll out globally over the next few days.”
That last bit is the important part. “This fix requires no action from users and will roll out globally over the next few days.” Basically what this means is this is a server-side fix that Google will be conducting over the next few days, and updates to Android phones will not be required. So you can all rest knowing this will be a simple and easy fix that is already on its way into effect. Now Google needs to address a similar issue regarding their Picasa Photo Service, but that is another story on its own.