Google is quietly fixing an authentication flaw discovered in its Android operating system, and will generally improve and simplify its security and privacy settings in the near future.
The flaw was discovered by researchers at the University of Ulm in Germany on 13 May. The authentication glitch only affects applications that access Google services, such as Calendar and Contacts. When a Wi-Fi network connection opens access to the services, the authentication token, which has a validity of two weeks, is vulnerable to interception and a hacker could use it to log in to a user’s account.
“We’re starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third-party access to data available in Calendar and Contacts,” a Google spokesman said. “This fix requires no action from users and will roll out globally over the next few days.”
At Google’s UK Big Tent privacy conference, its former CEO Eric Schmidt said that Google will simplify its app installation process to comply with privacy issues. The installation would make it much clearer if an app expects to access users’ sensitive data. Schmidt did not say if this would be extended to comply with a recent EU request to include location data.
The Google measures have limits and will not fully protect users. “It is worth stressing that we can only do this with data you have shared with Google. We can’t be a vacuum-cleaner for the whole Internet,” he said.
Schmidt’s views on privacy are somewhat contradictory. He has said in the past that information sharers show they have nothing to hide but has also said that some shared information will have bad repercussions for sharers. This time, his comments left many conference delegates wondering if Google really has a handle on the problems that can arise. This was highlighted when he said that it would be better for people to forget about the whole issue and just hand over the information Google requests.
“If you choose to give us that information we can do a better job. If we know a little bit more about you we can offer better targeted search,” he explained.
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…