European Data Protection Digest

Scientist Experiment Finds Smartphone Data Risks

DATA LOSS—UK

February 25, 2011

A computer scientist says that "cell phones running the Android operating system fail to encrypt data sent to and from certain Web sites," The Register reports, creating privacy implications for millions. Prof. Dan Wallach made the discovery during an experiment with his undergraduate security class. Connecting a packet sniffer to his network, Wallach observed the traffic from various apps including Facebook and Google Calendar to his phone. Unencrypted private messages, photo uploads and other transactions were all visible, the report states. Facebook said it is still testing its Secure Sockets Layer (SSL) and advises users to practice caution on unsecured networks. Google said it plans to begin encrypting calendar traffic on Android soon.
Full Story