How to avoid data leakage on Android

Android phones all the rage, some even believe it will outpace the iPhone. As for me, being a security professional, I have my concerns. Many security researchers have demonstrated that almost every single Android Smartphone can leak login data for Google services – that’s a scary thought. The problem is due to the fact that the login tokens are sometimes sent in clear test over wireless networks, thus allowing hackers to grab these tokens and potentially cause mischief. This can be done easily by a hacker by setting up a wireless access point with a common SSID of an un-encrypted public wireless network such as those used by providers such as Starbucks. Since login tokens are usually valid for a long time (sometimes 14 days), you’re left vulnerable for long periods of time – a hacker can potentially access your system for two weeks once the login is compromised. 2 weeks? Yikes. So what do you do? Here are some tips:

• Switch off automatic sync when using open WiFi.
• Avoid (or at least limit) using open WiFi connections.
• Use secure transmissions (HTTPS instead of HTTP), by upgrading the handset to Android 2.3.4.

Leave a Comment

Your email address will not be published. Required fields are marked *


Performance Guarantee

Miro’s no risk Performance Guarantee is that the amount of cost savings that we uncover will be more than our fees.

Oracle Guides

Microsoft Resources

IBM Resources

Managed Services for Oracle Licensing

Miro’s Managed Services for Oracle licensing is a best practice approach for an organization to optimize and outsource the practice of Software Asset Management to specialized external experts to ensure the organization’s compliance with vendor rules and policies.

Learn More