David Heath
Sunday, 19 June 2011 22:52
Despite resolving the issue of how the tablet acquired the WiFi credentials raised in the previous tale, there are still significant issues regarding the storage of such information in a cloud environment.
Following iTWire's report of a security issue with Android's WiFi connection, some resolution has occurred, but many of the main issues remain.
iTWire's previous report suggested that somehow, the WiFi credentials magically transferred themselves from the Google cloud to the tablet. Fortunately that was resolved when the user concerned (referenced in the previous article) finally recalled that he'd in fact connected to his home WiFi network and logged in with his Google account.
However, that does nothing to dispel a certain disquiet about the whole thing. Allowing for the slight error made by the original protagonist (let's call him 'Fred' for the purposes of simplicity), we can restate the incident as follows:
Fred buys a new Android device, turns it on, connects to his home WiFi network and logs in to his Google account. Very quickly the device is informed, via a background download, of every WiFi network Fred has connected to on any of his other Android devices. We know this because it is given the details for networks that are tens of kilometres away; and clearly the device hasn't visited them (yet!).
So, all this requires is a Google account (a Gmail account is enough), nothing more. When iTWire raised the issue with Google, their representative asserted that the ability to copy WiFi credentials to the cloud was a user-configurable option and sent screen shots of how to alter the setting; unfortunately, on this writer's phone (an HTC Aria running Android v2.2), despite extensive searching, no such privacy menu was available (clearly I have no privacy!).
Let us test the claim of user configurability (notwithstanding my own lack of a 'privacy' menu).