[bigpolla04]

Just seen this on Sky News ...
Glad I stick with blackberry ...


Android Leaks Personnal Data'

Last Updated: 9:47AM 18/05/2011
Millions of Android smartphones are vulnerable to hackers stealing users' personal information, researchers have said.
The report, from the University of Ulm, claims that handsets using Google's operating system are open to a data leak which leaves their calendars, contacts and pictures exposed.
Hackers can tap into the transfer of information between the phones and the internet, gaining access to the personal data.
Only the latest phones with system version 2.3.4 have had the leak plugged, meaning that 99.7% of handsets could be targeted.
"We wanted to know if it is really possible to launch an impersonation attack against Google services," the German researchers wrote.
"The short answer is yes, it is possible and it is quite easy to do so."
They added that once access had been gained, a hacker could view, modify or delete any contacts, calendar events or private pictures.
But there is no evidence to date that any hackers had taken advantage of the loophole, the researchers added.*
Many applications on Android phones use authentication tokens, which removes the need to keep logging into a service each time it is accessed.
A hacker monitoring one of the phones on a wi-fi network would be able to steal the token, and use the information to log onto websites.
The flaw was discovered in phones such as HTC Desire, Nexus One and Motorola XOOM.
A spokesperson for Google said: "We are aware of this issue, and have already fixed it for calendar and contacts in the latest versions of Android.
"We are working on fixing it in Picasa (picture application)."

Posted from my CrackBerry at wapforums.crackberry.com

[RHCE]

Just seen this on Sky News ...
Glad I stick with blackberry ...


Android Leaks Personnal Data'

Last Updated: 9:47AM 18/05/2011
Millions of Android smartphones are vulnerable to hackers stealing users' personal information, researchers have said.
The report, from the University of Ulm, claims that handsets using Google's operating system are open to a data leak which leaves their calendars, contacts and pictures exposed.
Hackers can tap into the transfer of information between the phones and the internet, gaining access to the personal data.
Only the latest phones with system version 2.3.4 have had the leak plugged, meaning that 99.7% of handsets could be targeted.
"We wanted to know if it is really possible to launch an impersonation attack against Google services," the German researchers wrote.
"The short answer is yes, it is possible and it is quite easy to do so."
They added that once access had been gained, a hacker could view, modify or delete any contacts, calendar events or private pictures.
But there is no evidence to date that any hackers had taken advantage of the loophole, the researchers added.*
Many applications on Android phones use authentication tokens, which removes the need to keep logging into a service each time it is accessed.
A hacker monitoring one of the phones on a wi-fi network would be able to steal the token, and use the information to log onto websites.
The flaw was discovered in phones such as HTC Desire, Nexus One and Motorola XOOM.
A spokesperson for Google said: "We are aware of this issue, and have already fixed it for calendar and contacts in the latest versions of Android.
"We are working on fixing it in Picasa (picture application)."

Posted from my CrackBerry at wapforums.crackberry.com

Well i agree with you 100 percent on this and android is throwing patches to an os like patches on a street then they say its not an issue when it really is now people saying its on server side problem dam that's even worser hackers have the advantage to do whatever and Google said they bringing Microsoft down i cant see how and if there aware of this issue then it should've been fixed since the G1 time cause it been there in the android system it just been exposed but android users wont believe it cause they think your hating but android wasnt made for the same purpose as BBOS and IOS and they dont see that

[scottdubois]

I don't get why everyone thinks they're safe from all this just because they have a Blackberry.

Any phone weather its smart or dumb can be tracked and have data copied and be hacked and all the rest of it because its a legal requirement in the United States and has been for 15 years!

don't take my word for it go and read the 1996 telecommunications act and you'll see it all in black and white.

whether you use an Iphone, Motorola, Nokia, Samsung, Blackberry, it doesn't matter big brother is watching you and there's nothing you can do to stop it, apart from selling your cell and never buying another one!

[Masahiro]

I don't get why everyone thinks they're safe from all this just because they have a Blackberry.

Any phone weather its smart or dumb can be tracked and have data copied and be hacked and all the rest of it because its a legal requirement in the United States and has been for 15 years!

don't take my word for it go and read the 1996 telecommunications act and you'll see it all in black and white.

whether you use an Iphone, Motorola, Nokia, Samsung, Blackberry, it doesn't matter big brother is watching you and there's nothing you can do to stop it, apart from selling your cell and never buying another one!

Well, I'm convinced. I've already thrown my phone out the window, and banned my cat from sleeping in my bed.

[anon3230140]

I don't get why everyone thinks they're safe from all this just because they have a Blackberry.

Any phone weather its smart or dumb can be tracked and have data copied and be hacked and all the rest of it because its a legal requirement in the United States and has been for 15 years!

don't take my word for it go and read the 1996 telecommunications act and you'll see it all in black and white.

whether you use an Iphone, Motorola, Nokia, Samsung, Blackberry, it doesn't matter big brother is watching you and there's nothing you can do to stop it, apart from selling your cell and never buying another one!

You're just in denial mate. BlackBerry is way more secure than the rest and thats a fact.. take it or leave it a fact remains a fact. Even Obama uses one... that should tell you.

Peace to the BB fam..

[qbnkelt]

Since I bought my Atrix there have been three security related issues...yes, the location was easily solved by opting out, but if a user didn't know or was brand new to smartphones they could have had their location stored. Now this one.
When I first bought my Atrix I didn't have WiFi since I have no use for it so I *had* to do my first software update at Union Station. Since it had been a couple of days since I'd bought the phone I already had my Facebook, Twitter, and other such accounts set up. Now comes this nice little set of news.
Because I was forced to do the upgrade via WiFi and I was excited to use the phone I did it at Union Station, over a public WiFi. For months I'd felt uneasy about Android and I bought one on impulse....yah, I've learned a lesson. For what is important for me, to include security, Android's weaknesses far outweigh its usefulness as a gorgeous multimedia experience.
Three incidents, my Atrix is out.
I stay with what I trust, my BBerries. Before anyone even mentions Jared Co., I am not overly dependent on apps. I'm very careful about what I put on my device.
Been there, done that, learned that my initial impressions were *all* correct - email is not on a par with BB, communications as a whole are not on a par with BB, profiles are nonexistent, battery sucks, security record is abysmal. Multimedia excels on the Atrix. Everything else excels on my BBerries.

Posted from my CrackBerry at wapforums.crackberry.com

[Daniel Ratcliffe]

I don't get why everyone thinks they're safe from all this just because they have a Blackberry.

Any phone weather its smart or dumb can be tracked and have data copied and be hacked and all the rest of it because its a legal requirement in the United States and has been for 15 years!

don't take my word for it go and read the 1996 telecommunications act and you'll see it all in black and white.

whether you use an Iphone, Motorola, Nokia, Samsung, Blackberry, it doesn't matter big brother is watching you and there's nothing you can do to stop it, apart from selling your cell and never buying another one!

Oh please, as the quote below says, Obama uses one. But that's only the tip of the iceberg. If they're just as insecure as iPhones and Androids, then why are iPhones and Androids not getting banned in countries for being too secure but BlackBerrys are? I think that says a LOT about BlackBerry and is a great pitch. "Yeah, we're banned for 80% of countries for being too secure". If I saw that, and saw that it was true, and I needed security, I'd buy up in a heartbeat.

You're just in denial mate. BlackBerry is way more secure than the rest and thats a fact.. take it or leave it a fact remains a fact. Even Obama uses one... that should tell you.

Peace to the BB fam..

[justineporter]

You're just in denial mate. BlackBerry is way more secure than the rest and thats a fact.. take it or leave it a fact remains a fact. Even Obama uses one... that should tell you.

Peace to the BB fam..

AGREED!
Blackberry's are banned in some places because the government can't get into the files. They think people are up to no good because of this. Blackberry's are really secure. There are even articles on CB once in awhile about a new place Blackberry's are banned and as well on the news. When they're talking about how smartphones are unsafe on the news it is always iPhones and androids I have seen it has not been Blackberry's

[qbnkelt]

Word of caution...the most secure platform can fail if you make bad choices in terms of usage. BB is by no means infalllible.

Posted from my CrackBerry at wapforums.crackberry.com

[blue81to]

I don't get why everyone thinks they're safe from all this just because they have a Blackberry.

Any phone weather its smart or dumb can be tracked and have data copied and be hacked and all the rest of it because its a legal requirement in the United States and has been for 15 years!

don't take my word for it go and read the 1996 telecommunications act and you'll see it all in black and white.

whether you use an Iphone, Motorola, Nokia, Samsung, Blackberry, it doesn't matter big brother is watching you and there's nothing you can do to stop it, apart from selling your cell and never buying another one!

This is true. There is a law in USA that all phones must be hackable and insecure to a certain degree so that it's easier for the government to do it if they need to. Idk the specifics though. I'll look it up and post it in this thread later.

Posted from my CrackBerry at wapforums.crackberry.com

[T�nis]

'The short answer is yes, it is possible and it is quite easy to do so.'
They added that once access had been gained, a hacker could view, modify or delete any contacts, calendar events or private pictures.

Great. But it has flash!

/crying

Posted from my CrackBerry at wapforums.crackberry.com

[anon3230140]

This is true. There is a law in USA that all phones must be hackable and insecure to a certain degree so that it's easier for the government to do it if they need to. Idk the specifics though. I'll look it up and post it in this thread later.

Posted from my CrackBerry at wapforums.crackberry.com

That is so NOT true. What is in place is the phone manufacturers/network providers will have to agree to requests from governments if they need access to customers phone data in cases of national security/crimes etc... It has to be requested and then supplied by the company. There is no "must be hackable or whatever" condition.

In the UK right now there are loads of cases going on where News of the World is getting sued by celebrities due to their Voicemail being hacked (and that's a network provider security issue not phone manufacturer). If the phones were supposedly supposed to be hackable to an extent why would the middle east countries be threatening BB with a ban like the previous posters pointed out? You guy's just wont accept that other devices are flawed because you're simply well, haters/fanboys ..call it what you want.

BTW due to the Voicemail security issue i disabled mine about a year ago... need to leave a message then text or email me. BB encryption takes care of the security.

Chuuuch!

[T�nis]

BTW due to the Voicemail security issue i disabled mine about a year ago... need to leave a message then text or email me. BB encryption takes care of the security.

Please refresh my memory ... What vm second issue?

Posted from my CrackBerry at wapforums.crackberry.com

[blue81to]

I see an article but it doesn't say how they hacked people's voice mail.
Ex-PM Brown feared voice-mail hacking amid scandal, source says - CNN

Couldn't someone put spyware on a Blackberry?


The government is stalking everyone and they want to shut down websites that promote freedom and democracy.


Anyone notice how youtube keep trying to get you to associate your phone number or gmail account with your youtube account? If you look up a youtube video about government corruption, Google will know. And they'll have a record saved of where you've been because your Android device as been tracking you. Next thing you know, the police are raiding your headquarters and the resistance is crushed.

[Deathcommand]

I agree, but where is it just as bad as Apple?
I'd like to argue that it is worse.
Don't get me wrong, I hate iPhones (the phone, love iPod touches)
It the Android exploit wasn't just this though, Lots of Apps do it as well.

[tkwolf]

shame on you people for hating on iphone and android. they're like the gods of the mobile world. learn to worship them, bec they're the only ones that can save our race.
:/

[Deathcommand]

shame on you people for hating on iphone and android. they're like the gods of the mobile world. learn to worship them, bec they're the only ones that can save our race.
:/

me?!
I love Android.
Well some Androids.
ThunderBolt.. UGH. Horrible.

[kbz1960]

I will not be assimilated.

[tkwolf]

me?!
I love Android.
Well some Androids.
ThunderBolt.. UGH. Horrible.

well not just you and i was just playing lol im not an android lover nor am i a fan of apple. its not because of the brands but because they don't just work out for me

[jd914]

You're just in denial mate. BlackBerry is way more secure than the rest and thats a fact.. take it or leave it a fact remains a fact. Even Obama uses one... that should tell you.

Peace to the BB fam..

Lest see, the best Blackberry devices on the market are super secure but are basically POS devices with POS 3-4 year old technology. Torch, Bold and Storm are nothing to be proud of or brag about. I'll stick with my iPhone and Android.

[Xopher]

The issue is not Android phones, but Google's servers. The hackers would have access to anything you sync with Google. If you have an Android device, you are probably already syncing to Google (GMail, Google Calendar...).

If you have your GMail account on your BlackBerry, sync your contacts or calendar with Google, then you are open to the very same hack. After all, the vulnerability is with hacking the server, not the phone.

The phones, on the other hand, are pretty much easily accessible as well. Of course, you have to install an application on the phone (someone can't hack the phone without something installed). It is a little easier with Android, as some of the hackers have proven by decompiling apps and adding trojan apps to the marketplace.

BUT, the same thing can be done with a BlackBerry. All a developer has to do is create an application that reads the address book, calendar, notes, tasks, or other information, and send it out (It's been done already on BlackBerry, and even several threads about it on this forum). The main reason we don't see it as much on BlackBerry is that to gain access to those sections on a BlackBerry, you have to have signing keys. Once you sign the app, you are getting RIM's permission to access those areas. Plus, it is easier to change permissions once an app is installed on a device, so you can lock out access to things like GPS on the fly.

If someone wrote an app to collect your data, signed the app, and sent it to App World (or you installed it from their website, or another service), once it is approved (they mainly just check to see if it will run, uninstall, and not interfere with the OS), anyone can install it and be vulnerable. Once it is found out, though, RIM will know who developed the app (based on the signing keys), revoke the keys (so they can't create new apps), and take it out of the market.

Things like Obama's BlackBerry, or countries not being able to access devices has nothing to do with the recent security issue reported. Those devices are protected by being connected to a BES server. Each company (and government entity) creates their own BES encryption keys, which are not known to RIM. Communication between the BlackBerry and the BES server is encrypted and can't be hacked. That is what those countries are upset about. If you are on BIS, like almost every consumer, countries can access that information. It is not secure. Heck, it's been reported even BBM uses the same encryption key across every single BB device.

Also, both the iPhone and BB6 web browser were hacked this Spring. It was shown that with javascrpt turned on, personal information could be accessed from the BB just by visiting a website. Android was not hacked that way. RIM's response was for users to turn off javascript in the web browser until a patch was sent out (and approved through your carrier).

Am I concerned about someone hacking my information through Google's servers? A little, but they are working on a server-side solution.

Am I concerned about apps being installed that could access my information. A little, but I watch what I install, read reviews, make sure I am installing apps from legitimate developers. I can even install apps like Lookout to watch what is being installed to verify vulnerabilities.

Is BlackBerry more secure? In some ways yes (especially on BES), but someone could access your information through an app you install (*cough*JeredCo*cough*), or gain access to info via web browser. But, just like with my Android device, it is up to me to watch what I install and which websites I visit.

[Tre Lawrence]

Xopher, you are destabilizing this thread by being reasonable. Please desist.

[blue81to]

My browser crashed before I could post what I was about to post so I'm not going to type the whole thing over again. But here's a summery.

In USA for the past few years, all new cell phones can be traced by the government. PSAP means Public Safety Answering Points. That's like, when you call 911 and things like that.

Under Phase II, the FCC requires wireless carriers, within six months of a valid request by a PSAP, to begin providing information that is more precise to PSAPs, specifically, the latitude and longitude of the caller. This information must meet FCC accuracy standards, generally to within 50 to 300 meters, depending on the type of technology used. The deployment of E9-1-1 requires the development of new technologies and upgrades to local 9-1-1 PSAPs, as well as coordination among public safety agencies, wireless carriers, technology vendors, equipment manufacturers, and local wireline carriers.
Enhanced 9-1-1 - Wireless Services

.

Here's a list of Enhanced 911 Phase 2 Plans of different USA carriers. It started years ago so it should be almost everywhere by now.
E911 - Carrier Phase 2 Plans
.

They don't just trace 911 calls. They can trace you no matter who you call.
Cobb County Hit-and-Run Driver Caught Through Cell Phone Records | Georgia Personal Injury Attorney Blog


I've just now heard of this. No phone is safe. This article is kind of old. Do anyone know how it turned out?

Meanwhile, the ministry has directed DoT to check the veracity of reports which said China has got a server that allows monitoring of mails and emails emanating from the smartphone.

India government wants a BlackBerry server in India to track messages easily to which the company has been resisting.

RIM has been addressing security concerns of several other countries, including the U.S, and, therefore, the ministry maintained that there is no justification not complying with similar rules in India.
BlackBerry agrees to address India's security concerns, says ministry - International Business Times

.

This may seem off-topic but I think it's an example of what we're talking about in this thread. The government want to monitor all telecommunications whether you've committed a crime or not. They want to crush any resistance and prevent it from organizing. The government want phone security to be vulnerable. That way any telecommunication can be monitored. In the video, notice they mention cell phones.

[T�nis]

BlackBerry security is two-fold. In addition to the ota security enjoyed by BES users, EVERY BlackBerry user benefits from device level (stored data) security if he enables the AES encryption that every BlackBerry comes with. BlackBerry blows away Android and iPhone for this feature alone.

Posted from my CrackBerry at wapforums.crackberry.com

[justineporter]

Word of caution...the most secure platform can fail if you make bad choices in terms of usage. BB is by no means infalllible.

Posted from my CrackBerry at wapforums.crackberry.com

That is just like everything though.