Google knows every single Android user's WiFi password

J

Justin Kahn

Posts: 752   +6

google android wifi gmail os passwords networks

New privacy issues have come to light surrounding Google's Android mobile OS. Experts on the matter are claiming that back up tools in the operating system make it so that a copy of every person's WiFi password (or the password of other networks you log onto) is being stored on Google's servers. Unfortunately, this might mean that Google could be legally forced to hand over the data at the government's request for one reason or another.

In Android 4.2, the back up service under Settings, lists WiFi passwords as part of the data that will be included, where as earlier versions of the OS did not specifically mention that. Although the feature can be turned off, users lose other, helpful functionality like bookmarks etc.

The main problem here is beyond the fact that Google is storing the passwords. The company is storing them in such a way that means it can read the passwords if it wants to. This is clear to see by the way new Android devices can suck in old passwords, login data and device settings from Google servers, once you have setup your Gmail address and new password.

Obviously, this functionality has its up sides, we can easily manage passwords for several devices and services this way, but it certainly leaves the networks we use in a much less secure state than we may have originally thought. Although this isn't shocking in the least, it is surprising that Google would leave these passwords in a readable form as well as opening itself up for an almost guaranteed public back lash if the government ever does strong arm them for that data.

Permalink to story.

https://www.techspot.com/news/54016-google-knows-every-single-android-users-wifi-password.html

 
How long will we put up with Google's constant disregard for our privacy?

Answer: As long as they keep developing cool gadgets for us to use. When we're finally living in the world of Orwell's 1984, Big Brother won't be to blame -- we will be, for being complacent and stupid; for allowing this abuse and exploitation to go on for as long as it has.
 
  • Like
Reactions: BabyFaceLee
I am not sure how this is news, but I am glad you brought it up. I saw this in my newly bought Android 4.0 (ICS) last year and turned it off immediately. I was beyond puzzled that Google weighs convenience over security to such extent.
 
I am pretty sure google wont be outside my house piggybacking my wireless!

I don't know what evidence could be obtained by knowing someone's wireless WEP/ WEP2/ AES ect key?
 
  • Like
Reactions: mizkitty and Arris
coppersloane said:
How long will we put up with Google's constant disregard for our privacy?

Answer: As long as they keep developing cool gadgets for us to use. When we're finally living in the world of Orwell's 1984, Big Brother won't be to blame -- we will be, for being complacent and stupid; for allowing this abuse and exploitation to go on for as long as it has.
Click to expand...

Except that Google isn't the government. So at least the 1984 universe will be limited to Android users only. :)

Although this isn't shocking in the least, it is surprising that Google would leave these passwords in a readable form as well as opening itself up for an almost guaranteed public back lash if the government ever does strong arm them for that data.
Click to expand...

I don't get it. What could the govt possibly want with wi-fi passwords? If they want access to a wi-fi network, wouldn't 'strong-arming' the owners of the network be a lot easier than getting it out of Google's team of lawyers?
 
It is not news that Google backups up Wifi passwords. It may come as news that these passwords are stored by Google in such a way that they can be retrieved with just a Gmail email and password. That means Google can read the passwords. And again, its not that Google has anything to gain by reading them, but agencies of the government might. When you combine this with huge number of Android devices, hundreds and hundred of millions, you end up with a scary big database of Wifi passwords.
 
coppersloane said:
How long will we put up with Google's constant disregard for our privacy?

Answer: As long as they keep developing cool gadgets for us to use. When we're finally living in the world of Orwell's 1984, Big Brother won't be to blame -- we will be, for being complacent and stupid; for allowing this abuse and exploitation to go on for as long as it has.
Click to expand...
Or possibly until people develop the genetic ability to shut their mouths, and leave the phone turned off and in their pockets.
 
If you think Google is the only one doing this then prepare to be thunk wrong ;) . I exchanged my Surface RT which had been on my network for a couple of weeks for a Surface Pro and when I logged in at home it knew my wifi password already. It was a bit scary until I figured "who with the power to get to this information cares enough to get on my network?"
 
LNCPapa said:
If you think Google is the only one doing this then prepare to be thunk wrong ;) . I exchanged my Surface RT which had been on my network for a couple of weeks for a Surface Pro and when I logged in at home it knew my wifi password already. It was a bit scary until I figured "who with the power to get to this information cares enough to get on my network?"
Click to expand...
Did you ever click the "remember me" button, or did it just know?
 
Different physical machine and OS (RT vs Win8) - no transfer of settings between devices - logged into the same account.
 
LNCPapa said:
Different physical machine and OS (RT vs Win8) - no transfer of settings between devices - logged into the same account.
Click to expand...

do both windows Rt and windows 8 force you to login with an email account?

I'm sticking to 7 so I don't know.

It is possible MS has this information stored and that is why it remembered your wifi?

that is the only thing that makes sense to me
 
Well, God hears all your prayers, and by extension, tentatively knows all your passwords.

The only reasonable conclusion I can draw is, "Google is God....!!!:eek:
 
I did log into an MS account... but if they store that info then they can get that pw with very little effort.
 
  • Like
Reactions: ViperSniper2
I find it puzzling that this has made into such a big deal when it is in fact not a big deal. Anyone that buys an Android device is offered the "option" of having this info backed up on Google servers. If a user "chooses" to utilize this feature or "chooses" to not uncheck the setting as they setup their phone, how is it somehow the fault of Google? The user "chose" to have the info backed up!
 
Mac address whitelist on router, you can steal my passwords all day long
 
Ahhhh so you think if they have only your wifi password they can't look at the mac address and then simply clone it? It's really easy.. Especially when you know an authorized Mac...
 
This isnt new! Google has been syncing my wifi passwords across all my devices for as long as I can remember, so of course they have the passwords! But what are they gonna do? Log onto my wifi in London? Don't be stupid.
 
highlander84 said:
Ahhhh so you think if they have only your wifi password they can't look at the mac address and then simply clone it? It's really easy.. Especially when you know an authorized Mac...
Click to expand...

ok, if you put it that way, then Mr. Evil Hacker will need to either: hack your google account, force you to login to his network, steal either your device or router
accessing lan data requires another password that is not stored on google server
is all this hassle worth having someones "free" wifi? I dont think so

in case of Big Brother its all non essential, BB knows everything you do and ever did and can at any moment come to your home and take w/e it wants
 
Guest said:
highlander84 said:
Ahhhh so you think if they have only your wifi password they can't look at the mac address and then simply clone it? It's really easy.. Especially when you know an authorized Mac...
Click to expand...

ok, if you put it that way, then Mr. Evil Hacker will need to either: hack your google account, force you to login to his network, steal either your device or router
accessing lan data requires another password that is not stored on google server
is all this hassle worth having someones "free" wifi? I dont think so

in case of Big Brother its all non essential, BB knows everything you do and ever did and can at any moment come to your home and take w/e it wants
Click to expand...

Google database can be compromised. Once Wi-Fi access is compromised, the hackers can sniff your network packets for data in your Wi-Fi transmission.
 
I guess its a good things wifi is turned off on my cellphone. I don't really use wifi. At home, I dont have it, and forget to connect to it at my parents' place.
 
gamoniac:
Google database can be compromised. Once Wi-Fi access is compromised, the hackers can sniff your network packets for data in your Wi-Fi transmission.
Click to expand...

they can sniff packets w/o google database, wifi is not a secure connection
the question is: whats easier to hack, google database, or decrypt password you transmit with packets over wifi, or just steal device
 
You must log in or register to reply here.

Similar threads

D
Google Chrome gets real-time phishing and malware protection with upgraded Safe Browsing...
Replies
7
Views
257
Evrsr
E
Daniel Sims
Google's Find My Device network could be rolling out very soon
Replies
2
Views
108
theotherdave
theotherdave
A
Android 15 might come with an improved desktop mode
Replies
5
Views
130
NumberNine
NumberNine

Latest posts

Back