Probabil putini posesori de terminale Android stiau acest lucru, insa, conform celor de la ComputerWorld, Google le poate citi parolele utilizate pentru conectarea hotspot-urilor WiFi de-a lungul timpului. Incepand cu Android 2.2 exista un sistem care sincronizeaza automat datele din terminale cu serverele Google, el transferand inclusiv parolele WiFi si date despre sistemul de criptare al protoclului utilizat pentru conectarea la hotspot-uri. Optiunea face parte din sistemul de backup al datelor si printre diversele informatii sincronizate cu serverele Google se numara si parolele WiFi, insa compania americana nu spune ca le poate accesa in format text.
If an Android device (phone or tablet) has ever logged on to a particular Wi-Fi network, then Google probably knows the Wi-Fi password. Considering how many Android devices there are, it is likely that Google can access most Wi-Fi passwords worldwide. Many (probably most) of these Android phones and tablets are phoning home to Google, backing up Wi-Fi passwords along with other assorted settings. And, although they have never said so directly, it is obvious that Google can read the passwords.
Android devices have defaulted to coughing up Wi-Fi passwords since version 2.2. And, since the feature is presented as a good thing, most people wouldn’t change it. I suspect that many Android users have never even seen the configuration option controlling this. After all, there are dozens and dozens of system settings to configure.
Desi cei de la Google explica destul de clar ce fel de date transfera Android-ul catre serverele lor, nicaieri nu se specifica faptul ca parolele pot fi accesate in plaintext, desi transmisia de date catre serverele companiei se face printr-un protocop HTTPS. Desigur ca multora nu le va pasa ca Google le stie parola de la toate hotspot-urile accesate de catre ei de-a lungul timpului, insa vorbim despre o problema destul de mare pentru ca Google nu specifica undeva faptul ca poate citi acele date fara ca cineva sa ii opreasca sau sa ii supravegheze.
… it’s great the backup/restore feature is optional. It’s great that if you turn it off Google will delete your data. It’s great that the data is encrypted in transit between the Android device and Google’s servers, so that eavesdroppers can’t pull your backup data off the wire. And it’s great they they have strong security, both digital and physical, at their data centers. However, Google’s statement doesn’t mention whether or not Google itself has access to the plaintext backup data (it does)… [The issue is] Not how easy it is for an attacker to get at this data, but how easy it is for an authorized Google employee to get at it as part of their job. This is important because if Google has access to this plaintext data, they can be compelled to give it to the US government.
Google este privita de catre multi ca un “Big Brother” care culege informatii despre aproape toata lumea si le stocheaza in serverele sale, iar acasta este o noua dovada a faptului ca oricat de siguri v-ati crede, niciondata nu va veti putea proteja de companiile ale caror produse le utilizati, mai ales daca vorbim de internet.
This post was last modified on sept. 14, 2013, 7:10 PM 19:10