SAN FRANCISCO — Android smartphone owners beware: A security flaw that affects the majority of devices based on Google's software has forced warnings to avoid public Wi-Fi networks.
Researchers at Ulm University in Germany found that it was “quite easy” for hackers to intercept data from Google’s photo-sharing, calendar and contacts applications, as well as potentially other Google services including Gmail, according to the Financial Times.
Google says the security flaw has been fixed in Android’s 2.3.4 version of its operating softwares and beyond. But the flaw still affects devices running older versions of Android, which make up 99.7 percent of Google smartphones in use today.
Attacks work when unsecured wireless access points that imitate public Wi-Fi hot spots that the phone has accessed before capture an authentication token. That token can then be used by attackers to access and modify personal data in calendar and contacts, as well as Google photo site Picasa.