Help Android handsets 'leak' personal data

[pacman10]

BBC News - Android handsets 'leak' personal data tells us that "More than 99% of Android phones are potentially leaking data that, if stolen, could be used to get the information they store online. The data being leaked is typically used to get at web-based services such as Google Calendar. The discovery was made by German security researchers looking at how Android phones handle identification information".

It goes on to say "Almost all versions of the Android operating system were passing round unencrypted authentication tokens, found the researchers. It was fixed in version 2.3.4 but, suggest Google figures, only 0.3% of Android phones are running this software".

My HTC Desire is running version 2.2 but a check shows that there is no update available for this phone. Does anyone here know whether this security loophole is likely to be stopped up in the near future ?

 

[SUroot]

Can't post kinks but see Rastamans post currently directly under this one

 

[Kibbster]

Can't post kinks but see Rastamans post currently directly under this one

Good, I think we've had enough of you posting your "kinks" on here

 

[SUroot]

Good, I think we've had enough of you posting your "kinks" on here

That's what SHE said.

Can you kink me to the what keyboard thread please?

 

[pacman10]

Can't post kinks but see Rastamans post currently directly under this one

I don't know what "can't post kinks" means but I've been to those posts and cannot find anything that looks like an answer to my question.

 

[Kibbster]

That's what SHE said.

Can you kink me to the what keyboard thread please?

http://androidforums.com/htc-desire/332154-what-keyboard-do-you-use.html

 

[sdrawkcab25]

The keys can only be taken if you connect to a wi-fi router that a hacker has set up to steal the keys.

In other words stick with connecting to known trusted routers and you'll be fine.

http://phandroid.com/2011/05/17/per...ity-exploit-on-99-percent-of-android-devices/

 

[Kibbster]

I don't know what "can't post kinks" means but I've been to those posts and cannot find anything that looks like an answer to my question.

My bosses Incredible S got it's Gingerbread update yesterday and I expect the Desire will be a way behind the latest handsets, but it is coming.
If you are branded then it's down to your carrier to brand the update and push it out to your phone so you are at their mercy I'm afraid.

 

[pacman10]

My bosses Incredible S got it's Gingerbread update yesterday and I expect the Desire will be a way behind the latest handsets, but it is coming.
If you are branded then it's down to your carrier to brand the update and push it out to your phone so you are at their mercy I'm afraid.

Thanks for this info. I bought my phone without a carrier contract (presumably that is what is meant by non-branded) so as not to be at the mercy of a carrier. Also, fortunately, on the assumption that a leak like this would occur sooner or later I have only a small low-vulnerability subset of my contacts on the phone and don't use Google Calendar.

 

[SUroot]

I don't know what "can't post kinks" means but I've been to those posts and cannot find anything that looks like an answer to my question.

It was supposed to say links.

And its this thread:

http://androidforums.com/htc-desire/337476-very-happy-im-rooted-2-3-4-reason.html