- 09-16-2013, 05:27 AM #1
Google knows every Wi-Fi password entered from an Android device
What do you think? I remembered to have to reset my phone, I was happy that it remembered my backup data but I had to write password to wifi again.
Last edited by Dave Blake; 09-17-2013 at 07:42 PM.
- 09-16-2013, 07:36 AM #4
It's convenience thing. I wish WP8 did have such capability. I recently did a upgrade on my 920 by flashing Amber firmware via Nokia PC software. As such the phone is wiped and needs to be restored. However, since the default cell network connect does not work for AT&T (my phone is a unbranded DEV phone), and it can't connect to my wifi at the restoring stage, I ended up need to re-install everything manually.
- 09-16-2013, 08:18 AM #6
Convenience has always been the enemy of security and it is up to everyone to find their own balance; but too far in the direction of convenience is folly, while too much security is only a pain in the arse.
The general rule is TNO - trust no one. If you use a service to store logins for instance, always make sure the information is only stored on the computer as it is with Lastpass.
When you do have to trust a service, you have to consider two things: competence and intent. You never tell a secret to a blabber mouth and you never show a burglar where the keys are. The same principle applies here: Google have only ever instigated a security feature after they have been caught out, so they don't strike me as particularly smart.
Google's recent decision to encrypt files store in its servers are no use to Google's users, because they keep the passwords themselves. It would be far better to allow each user to set their own passwords, but then how would Google trawl through your files for keywords? Always distrust someone asking for details they shouldn't conceivably need. In this case of course, Google don't ask, they just take and exactly what use to Google is a database of private Wi-Fi logins?
This reinforces my ban of Android devices from the house. It's clear that Google use Android for illicit data mining and that no smart phone is better than an Android one. In fact dumping Google all together is now the only sane choice.
- 09-16-2013, 10:39 AM #7
IIRC, back in my early Android days, I remember, the first time setup after firmware flashing or hard reset is to prompt you with an option to pick wifi network and enter wifi passwords so that restore of the phone is possible (and without consuming the cell data connection). Whether or not Google knows your password is a different story (which seems only happens in newer Android OS). I was surprised none of that happens in WP8.
- 09-16-2013, 11:07 AM #8
This feature is IMHO very useful. I change my phone around twice a year and it saves a lot of trouble having to go around adding wifi passwords again. And like you said, I can't imagine what Google will do with a bunch of SSIDs and passwords, so I don't mind letting them have it.
- 09-16-2013, 11:17 AM #9
I opted in (it is an opt-in feature on Android, not opt out) on Android, and when I change my Android phone or tablet, I don't have to set up 10 Wi-Fi networks manually. Among other items that are restored, all of those Wi-Fi settings come right back.
When I added a T-Mo Lumia, none of the settings from my VZW Lumia came back.
That might be an advantage for some, but for others it's a PIA.
- 09-16-2013, 11:19 AM #10
OK, Google really might not going to use passwords, but having them in some place stored without knowledge of the user (now we know :)) could be dangerous.
Because what worries me is, that there is ALWAYS a possibility of human error/intervention ... put behind the slash what you want.
- 09-16-2013, 11:37 AM #11
On the same note, WP8's setup and restoring process isn't any better. Yes, it doesn't store wifi passwords. But it also does not prompt me to pick a wifi connection first either.
- 09-16-2013, 12:07 PM #12
Another thing to bare in mind is that while open source is a good answer to surveillance by the state, it also makes it far easier for hackers to find weaknesses to exploit, so while open source has become the mantra in techie circles, there are advantages to in house development by a company like Microsoft.
Of course rebuilding Android would take thousands of hours and you would still end up with something insecure, buggy and laggy; it runs Java for Pete's sake. This is why I'm anti-Android, it can't be fixed.
I recently changed my mobile devices and used Onenote to copy my Wi-Fi password to the new devices. Once I'd joined the network with the new devices, I deleted all copies of the note containing the password. As a solution it isn't perfect, but the window of opportunity for a hacker is small and the compromise was worth the risk. It would have been better if Microsoft encrypted files stored in Skydrive, but that's something I'm hoping they'll instigate, along with VPN and PGP for everybody.
Your final sentence is quite funny. Perhaps you haven't followed the news, but Google have been indicted and are awaiting trial on courts in both the US and Europe for breaching personal privicy. That means they've already breached people's trust, so you'd have to be a fool to trust them and just because YOU can't imagine what harm can be done with a database of SSIDs and passwords doesn't mean THEY can't. Google have to make this information pay somehow.
- 09-16-2013, 12:29 PM #13
Someone who uses legal means to deprive someone of something which is theirs is called a shyster and that's what Google is, a digital shyster. Don't let them use convenience to deprive you of what's yours.
- 09-16-2013, 12:39 PM #14
- 09-16-2013, 05:09 PM #16
Too easy and no drama.
Weekday I really don't get, is why anyone cares about some company having your study password... Are they going to war drive your house, with the Google street view car?
Here, I have a picture of my boots, now you know the tread pattern o of my boots. It matters about as much.... Yds know?
- 09-16-2013, 06:07 PM #17
- 09-16-2013, 06:13 PM #18
Closed source. The most insecure operating system in history, and it is also buggy and laggy to boot. That pretty much kills your closed-source is secure theory and also exposes the fact that you have absolutely no knowledge of software development and information security in general. Contrast to Linux, open source, still lightyears ahead of Windows in security and stability.
In a closed-source dev shop, only the developers (MS for instance) have knowledge about security holes and it is therefore in their interest to hide this as long as it takes to fix. However, other black hats may have figured it out and may be using this to hack into things. With Linux, however, since it's a community, nobody can hide vulns in the source code for very long.
ref When Internet security is concerned, Microsoft continues to hide its head in the sand (old article)
- 09-16-2013, 06:17 PM #19
- 09-17-2013, 03:47 AM #21
1) Windows 7 and 8 are neither slow, nor laggy, nor insecure.
2) Insecurities occasionally flagged in Windows are identified because it runs on more than 90% of the PCs in use. It is profitable (either financially or simply ego) to target whereas the various iterations of Apple's OS and all of the Linux distros run on machines that take up so little of the market it is not worth anyone's while to hack/attack.
3) Android is very insecure, as US agencies that require enhanced security have made clear for several years. US Customs, in fact, identified open source and OEM ability to modify as among of the reasons they only authorized IOS last year. It is also made even less secure for the same reason Windows is targeted by hackers. It runs the vast majority of smart phones and tablets. It is, therefore, worth the time to hack.
4) If the best you can do is pull up an article that predates the release of Windows 7 to demonstrate your argument about the insecurity of Windows you might want to give a bit more thought to your thesis. I can post a bunch of links showing that Firestone tires represent a risk for blow outs; or that the O rings in the space shuttle's solid rocket boosters might fail in cold weather; or that Ford Pintos blow up when rear ended but that doesn't mean current Firestone tires blow out, nor NASA's/USAF prototype reusable vehicle will explode, nor a modern Ford represent a greater risk to drivers.
- 09-17-2013, 08:19 AM #24
- 09-17-2013, 08:34 AM #25
- By nitin88 in forum Windows Phone 8Replies: 3Last Post: 09-18-2013, 07:45 AM
- By Lukson K Thomas in forum Nokia Lumia 820Replies: 3Last Post: 09-16-2013, 12:55 PM
- By Daniel Gandolfo in forum Microsoft Surface for Windows RTReplies: 3Last Post: 09-16-2013, 06:02 AM
- By wpfan86 in forum Windows Phone AppsReplies: 1Last Post: 09-15-2013, 06:26 PM