The safety of Nightwatch Cybersecurity studied expert Yakov Shafranovich discovered the flaw of the existence in Android system recently, can make network aggressor secret capture WiFi broadcast data tracks an user thereby. These data cover address of data of server of address of IP of WiFi network name, BSSID, this locality, DNS and MAC, although latter is in Android 6 and taller version,had been concealed through API.
Groovy APP can be used at legitimate purpose to come normally intercept these data. But scampish APP is in eavesdrop after these data, meet those who bring about sensitive data extremely likely divulge. Aggressor may be used at launching the network attack in the light of this locality WiFi, and use MAC address will track designation Android equipment. In addition service data library is searched, still can have geographical number through network name and BSSID.
Researcher expresses " the restriction that although the system is medium,had Yan Ke to reading the function of this kind of message, but application development person often oversight how correct deploy these limitation and how better protection is sensitive data. This is compared in the APP in Android system general, once equipment is affected by baleful APP, with respect to the condition that can is in to monitor by the hacker, and intercept is other the broadcast information of APP. And intercept is other the broadcast information of APP..
