Google Fixing Its Android Authentication Token Flaw To Plug User Login Credentials Leak
http://www.redmondpie.com/google-fix...dentials-leak/
http://www.redmondpie.com/google-fix...dentials-leak/
Tut Tut Dont you wish you had got an iphone
3 of 3
Needless to say, vulnerabilities like this also affect PC users on shared local wire networks including many workplace networks and cybercafes, public libraries and the like. See this Wikipedia article about Firesheep.
But PC users can usually make a personal choice especially when accessing services using PC browsers. For enhanced security they can get into the habit of using only secure browser connections (https instead of http) for their sensitive transactions.
The difference with Android and other mobile systems is the tendency to use separate applications rather than relying on a browser. If the application has been coded to use only http there is no easy way to force it to use https instead.
But PC users can usually make a personal choice especially when accessing services using PC browsers. For enhanced security they can get into the habit of using only secure browser connections (https instead of http) for their sensitive transactions.
The difference with Android and other mobile systems is the tendency to use separate applications rather than relying on a browser. If the application has been coded to use only http there is no easy way to force it to use https instead.
3 of 3
