Google is on its way to fix the vulnerability issue with Android phones that could have exposed users' personal data.
German researchers Bastian Konings, Jens Nickels and Florian Schaub, from the University of Ulm, warned that 99 percent of the handphones had the potential to leak Google services login data over unprotected Wi-Fi networks.
The hackers hackers could have could have access access to data within the phones' calendar and contacts applications.
Google said, We're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts.
The search giant assured that it will take no action from the users’ side to fix it.
Google has responded quickly to the issue but security experts have warned that the large range of Android smartphones on the market are susceptible to security issues.
Graham Cluley, a senior consultant for security firm Sophos said, Whereas Apple can issue a single iOS update to patch iPhones and iPads, things aren't so simple for Google's users. Using 3G may eat into your data plan, but it is far less likely that your communications are being snooped upon.”
Google announced a TRUSTe administered data privacy certification programme for its Apps on Wednesday to address the customers’ paranoia regarding security issues of software in the market.
TRUSTe data privacy certification for Apps Marketplace apps says in a Google blog, Here is the statement:
Over a year ago, we created the Google Apps Marketplace to help you easily discover, evaluate, and deploy integrated web applications for your business or school. In that time, many of you have told us that evaluating apps can be particularly tricky, as you need to consider questions like:
• Who already uses the app, and why do they like it (or not)?
• Will the app’s features address my particular needs?
• Can I trust the vendor who created the app with my data?
We want to make it as easy as possible for you to answer these questions. For example, we offer verified app reviews to highlight comments from customers who we know to be using the app.
Today we’re announcing a feature designed to help address the trust question — a TRUSTe administered data privacy certification program for Marketplace apps. TRUSTe has created a certification program for installable Marketplace apps to verify that they clearly communicate their data handling and privacy practices. This program, which is optional for vendors, displays a green TRUSTe logo on a certified app’s Marketplace listing page as well as search results pages. The logo links then to a certification summary with more specific information about the app.
TRUSTe certification makes it easier for you, as a buyer, to verify the following about an app:
• the vendor has been contacted and certified by TRUSTe personnel
• the purpose for data collection and sharing, and the security used for sharing (https)
Since certification is optional, the absence of a TRUSTe seal does not imply the app has unacceptable or difficult-to-understand practices for data handling and privacy. In fact, the program just launched today, so most apps have not yet applied for certification.