Android Users Vulnerable to Man-in-the-Middle Attack
Due to an insecurity in Google’s ClientLogin Protocol, it seems any Android user running 2.3.3 or earlier could unknowingly give away access to personal data. Researchers at uulm claim that authToken information, stored for 14 days any time you login to sites like Facebook and Twitter, can be easily obtained by hackers:
“To collect such authTokens on a large scale an adversary could setup a wifi access point with a common SSID evil twin of an unencrypted wireless network, e.g., T-Mobile, attwifi, starbucks…With default settings, Android phones automatically connect to a previously known network and many apps will attempt syncing immediately. While syncing would fail unless the adversary forwards the requests, the adversary would capture authTokens for each service that attempted syncing.”
Today, Google announced a fix for the problem, which will be completely transparent to users. You won’t have to do an update or install anything. Picasa synchronization, introduced in Android 2.3, will remain unencrypted. If you think you already got got, you will still need to change your Google password.
Keep in mind that, in order for the attack to work, you would have had to connect to a “fake” unencrypted WiFi network at some point.
AT&T Sees the Light. Removes App Restrictions.
It’s been a long time coming for AT&T Android smartphone customers, but you will FINALLY be able to install 3rd-party applications on your devices (sideloading). This means you will also now get access to Amazon’s Android Appstore, which is still giving away a free app on the daily. The Samsung Infuse, which just launched recently, will be the first phone to get this functionality.
“Over the next few weeks, we will also roll out this capability to existing devices in our base for which an upgrade is possible,” an AT&T spokesman said.
It appears those free daily apps from Amazon were a huge factor in AT&T changing their position. Customers were very vocal and AT&T had no choice.
Netflix Single Largest Source of Interenet Traffic in the US
According to a report by Sandyvine, Netflix now accounts for 29.7 percent of peak downstream traffic in North America. This puts it ahead of Bittorrent, YouTube, and all HTTP websites by a pretty big margin. Bittorrent still dominates upstream traffic, though. The reasons for Netflix dominating our downloads? Video streaming eats up a lot of bandwidth, so it doesn’t take much actual usage to post big numbers. Still, this report highlights the major changes in how we consume visual content.
Google Teaches Developers How To Turn Apps Into Businesses
Apps are where it’s at right now, but there is more to success than just developing an app. Just like any other creative pursuit, there is work to be done once you have a finished product. It’s highly likely that, just like your average musician, developers need a little direction when it comes to the business end of things. This is where Google’s Guide to the App Galaxy comes in:
App Galaxy isn’t an eBook, PDF, or subscription you have to pay for to take advantage. You don’t have to specifically be an Android (Powered by Google) developer either. App Galaxy is pretty awesome website (no sign-up required) that’s designed as a spaceship taking off that carries you through the many aspects of the app business, regardless of what platform you choose to develop for, as it blasts off into the app success stars.