Rice University professor Dan Wallach wrote a blog post in February that discussed the threat that network eavesdropping poses to Android users. Several applications, including the platform's native Google Calendar software, don't use SSL encryption to protect their network traffic. Wallach speculated that the calendar software could be susceptible to an impersonation attack.
Researchers at the University of Ulm followed up on Wallach's findings and devised a proof-of-concept attack to demonstrate the vulnerability. Several of Google's applications use the ClientLogin authentication system but fail to use SSL to encrypt their communication with Google's servers, making them susceptible to eavesdropping attacks.
Read the comments on this post
Victoria Pratt Shakara Ledard Vanessa Marcil Rachel McAdams Kristin Cavallari
No comments:
Post a Comment