Dan Goodin reports:
Cellphones running the Android operating system fail to encrypt data sent to and from Facebook and Google Calendar, shortcomings that could jeopardize hundreds of millions of users’ privacy, a computer scientist says.In a simple exercise for his undergraduate security class, Rice University professor Dan Wallach connected a packet sniffer to his network and observed the traffic sent to and from his Android handset when he used various apps available for Google’s mobile platform. What he saw surprised him.
The official Facebook app, for instance, transmitted everything except for the password in the clear, Wallach blogged on Tuesday.
Read more in The Register.