Google's Android mobile operating system 'easy to hack'

Author thumbnail
18 May, 2011 Updated Wed 18 May 2011 09:04 CEST
image alt text

A German tech security researcher has shown that Google’s mobile phone operating system Android can easily by hacked if the user is connected to a public internet connection – allowing all their data be accessed.


“You don’t have to have a specialist to do this, it is well-documented by Google. The attacks are very simple,” Bastian Könings, who works at Ulm University, told Der Spiegel.

All the contacts, diary dates and even photos contained on a hacked phone can easily be looked at and even altered – and not only for the period of time the hacker and the hacked are on the same network, he said.

A potential hacker has only to use Google’s interface for external developers, he said. All that is necessary is to log onto a public wireless internet connection such as those found in cafes, airports or hotels.

This gives access to all android mobiles logged onto the same connection. The hacker can catch anything being floated over the Google cloud services, including the ‘tokens’ – authentication data. These remain unchanged for up to two weeks, said Könings, and grant continuing access to a phone even when the public internet session is over.

Business competitors could use such information, just as stalkers could, and even criminals who want to know when someone is definitely going to be away from home.

"We know about this and have been able to solve it in the latest Android versions for calendar and contacts and are working on solving it for Picasa too," a Google spokesman said.

Könings said he had told the company of his findings a while ago but had not received much reaction.

The Local/hc



2011/05/18 09:04

Please keep comments civil, constructive and on topic – and make sure to read our terms of use before getting involved.

Please log in to leave a comment.

See Also