There are many threats to the security of Android users, as can be understood by the blog that was written by Rice University professor Dan Wallach. In it he discussed the network of eavesdropping that has developed around the Android users and how some of the inbuilt applications of the platform like Google Calendar software, SSL encryption are on the verge of being misused. The professor says that the calendar software is open to what can be called impersonation attack.
Following the findings done by Wallach, researchers at the University of Ulm have been able to devise a proof-of-concept that has shown the vulnerability of the whole system.
They said that several of the Google's applications are using ClientLogin authentication system but eventually fails when it comes to SSL encryption of their communication with Google's server.
And the kind of technology that ClientLogin uses, it is more easy than tough to unencrypt the request. The researchers were also able to find that Android's calendar sync, contact sync, and Picasa sync are all susceptible to hits. And although the new bug has been fixed into the operating system, it has been seen that many of the handset manufacturers are not using updates.