If you look to the Android security horizon you will see a storm brewing about Wi-Fi passwords. It has been brewing for a while and it may soon turn into a hurricane. Back in 2011 blogger Donovan Colbert discovered that when he configured his Google account on his brand new Android tablet the device magically knew all the Wi-Fi passwords he had used on other Android devices. Further still Android automatically connected the tablet to the nearest network, which happened to be at his place of work.
It took a while, plus the Snowden-NSA scandal, for people to start to realize what this meant and during this summer trouble has started for Google. It seems to have begun with the University of Passau in Germany who told its students and staff to turn off Android backups because Wi-Fi passwords were sent to a third party (Google). Shortly afterwards the online community started to realize the extent of the problem. Because Google has been driving its Streetview car around the world and because Android (and also iOS) use crowdsourcing to enable mobile devices to get an approximate location fix using information from visible Wi-Fi networks, it means that Google has a map of just about every Wi-Fi network in the world and because Android devices sends the passwords to Google as part of its online backup, then Google (or the NSA) can pinpoint a network and find out its password! By August of this year the Electronic Frontier Foundation (EFF) had picked up on what was going on and called on Google to act fast to restore user trust.
Google seems to have made only one statement about this whole sorry affair via Ars Technica:
Our optional 'Backup my data' feature makes it easier to switch to a new Android device by using your Google Account and password to restore some of your previous settings. This helps you avoid the hassle of setting up a new device from scratch. At any point, you can disable this feature, which will cause data to be erased. This data is encrypted in transit, accessible only when the user has an authenticated connection to Google and stored at Google data centers, which have strong protections against digital and physical attacks.
It is clear from Google’s statement that the data is sent back and forth over a secure link, but it is Google who encrypts and decrypts the data using a key that is not related to a user’s credentials. This means that Google can decrypt this data at will.
Before the extent of the NSA’s spying activities were revealed by Snowden the fact that Google stored your passwords was a risk but maybe an acceptable risk. Google it seems goes through great pains to encrypt the private information it stores on its servers. If Google had the right access procedures in place, the chance of some crazy Google employee trying to get the Wi-Fi passwords of a neighbor’s network so he can stalk them where very small. But since Snowden we have all discovered that the NSA routinely and regularly requests copies of private digital information from the likes of Google, Yahoo, Microsoft and Apple. Because of the current laws in the USA, these companies are forced to comply and aren’t allowed to tell anyone what happened.
It means that the American government can gain access to millions of Wi-Fi networks across the world. All they need to do is send an agent to go stand near the access point and they are in, free and easy. Homes, schools, universities, shops and businesses are all at risk.
The first step is to deactivate the “Back up my data” option on every Android device you own. Since Android 2.2 this service has been activated by default and it is likely enabled on your device without you actually realizing what it is doing. It can be disabled on Android 2.3 devices under Settings, Privacy. For Android 4.x it is found under Settings, “Backup and reset”. According to the statement that Google gave Ars Technica, when you disable this service the data will be deleted from Google’s servers.
But… that isn’t the only thing you need to do. Have you ever given your Wi-Fi password to a friend or guest who came to your home or business and wanted access to the Internet? I guess you probably have. If they used an Android device then the same Wi-Fi data is being sent to Google via their device as well.
So, first you should tell your friends and guests to read this article, but then you should change your Wi-Fi password. You should consider setting up a second Wi-Fi network (many routers can broadcast two networks) with a temporary password which you change frequently. This won’t affect the way you access your Wi-Fi, but guests will need to reenter the password from time to time (depending on how often you change it).
What do you think? Will you be de-activating this service on your Android device?