New smartphone privacy alert as Android handsets found to be prone to leaking data


New smartphone privacy alert as Android handsets found to be prone to leaking data - Millions of smartphones which use the Android software promoted by Google are a security risk, it was claimed yesterday.

Researchers found that criminals can tap into the transfer of information between the phones and the internet, gaining access to personal data.

The discovery was made by security experts at the University of Ulm in Germany.


Target: Criminals can tap into the transfer of information between Android phones and the internet, gaining access to personal data

Target: Criminals can tap into the transfer of information between Android phones and the internet, gaining access to personal data


PERSONAL DATA BREACHES

In April this year Sony had to shut down its PlayStation Network for a month after a massive security breach.

The network was shut down on April 20 after it was found that the security breach had affected more than 100 million online accounts.


Most smartphone manufacturers other than Apple use the Android operating system.

Many applications on Android phones interact with Google services by asking for an authentication token – essentially a digital ID card for particular application. The token removes the need to keep logging into a service each time you need to access it.

It is claimed that a hacker monitoring an Android smartphone connected to the internet via a wi-fi network would be able to steal the token.

In theory, the hacker would then use the information to log on to websites using the identity of the phone’s legitimate user.

In a blog posting on their findings, the researchers said: ‘The adversary can gain full access to the calendar, contacts information, or private web albums of the respective Google user.’


Risk: It's claimed that a hacker monitoring an Android smartphone connected to the internet via a Wi-Fi network would be able to see and steal its ID token

Risk: It's claimed that a hacker monitoring an Android smartphone connected to the internet via a Wi-Fi network would be able to see and steal its ID token


PROTECT YOUR ANDROID

1. Use a PIN or password
Ensure that a PIN is required to access your home screen.

2. Keep it up to date
Updates to operating systems include patches for newly-discovered security vulnerabilities.

3. Be careful with apps
Unless you are an information security expert, you should only download apps from the official app stores.

4. Turn off Wifi and Bluetooth
If you aren't using them, you should turn off wireless communications features.

5. Backup your data
Sometimes the only way to be sure the virus is to remove is to completely wipe its memory. You should make regular backups to preserve your contact, message, photos and apps.


They added: ‘An adversary could change the stored e-mail address of the victim’s boss or business partners hoping to receive sensitive or confidential material pertaining to their business.’

The researchers said while they had identified a security loophole there is no evidence, to date, that any hackers are taking advantage of it.

Google has released software updates which are said to address most of the security concerns.

Mark Evans, director at IT services provider, Imerja, said: ‘That such an enormous proportion of Android phones could potentially be leaking users’ personal data is shocking.

‘Mobile devices are increasingly used for business, more so than laptops, and their security is essential to protect organisations against data breach or other ill-intentioned activities.

‘The message to companies is clear; mobile devices must be properly secured. They should be implementing robust and enforceable security policy structures to support effective mobile working, such as encryption.’

Most smartphone manufacturers - other than Apple - use the Android operating system. ( dailymail.co.uk )



No comments:

Post a Comment