If you use an Android device with version 2.3.3 or earlier (99.7% of all Android devices) and you enter an unsecure Wi-Fi zone then you are vulnerable to an attack fromunscrupulous persons. ”This vulnerability is not not limited to standard Android apps but pertains to any Android apps and also desktop applications that make use of Google services via the Client Login protocol over HTTP rather than HTTPS” according to Catching Auth-Tokens in the Wild. With the stolen “Client Login protocol” people can gain access to your Google calendar, contacts and private Web albums. While in these applications a person can view, modify and or delete information.
Leave a Reply