Google Pushing Fix for Personal Data Security Exploit
So.... how will this affect rooted users with custom ROMs?
or
Will it?
So.... how will this affect rooted users with custom ROMs?
or
Will it?
I don't know that custom ROMs will make a difference as much as running the original Google apps that have this issue. They've shown off their ability to update their own apps without any intervention from the user (e.g. when the new Market was pushed).
I'm not losing sleep over getting it or not as I don't use public wi-fi networks.
I'm not losing sleep over getting it or not as I don't use public wi-fi networks.
I wasn't sure if was part of the OS too or not. I only use wifi at home myself, so I haven't been concerned. I just wasn't sure if they were going to try and push an OTA and have the custom recovery throw it away.
Thanks for the info.
I'm not finding where I saw this information (probably slashdot), but I read somewhere that the root of the problem is apps like GMail using HTTP (as opposed to HTTPS). Anything sent unencrypted over an open wi-fi network has the same security as printing it on the front page of a newspaper. Basically it sounds like people are sniffing packets on open wi-fi and getting tokens which allow them to emulate your login. Same thing as the firesheep Facebook exploit a few months ago.
I'm obviously no Google engineer. Pure speculation -- if they can force-update their own apps (like they did with Market) I would think they can push updates to all the apps to force encryption.
Similar threads
