Android Backups Could Expose Wi-Fi Passwords to NSA

Google's "Back up my data" feature for Android is a convenient way to back up settings, but it may also put network security at risk by exposing the passphrases of password-protected Wi-Fi networks.

On his personal blog, Electronic Frontier Foundation (EFF) staff technologist Micah Lee pointed out that the backup feature syncs all the network passwords your Android devices remember to Google's cloud storage.

"Because Android is so popular, it's likely that Google has plaintext Wi-Fi passwords for the majority of password-protected Wi-Fi networks in the world," Lee wrote.

As the owner of an Android device joins Wi-Fi networks over time, each passphrase is saved on the device; the Wi-Fi supplicant needs it in recoverable form to reconnect, so it is held in the clear rather than hashed. The concern is not that on-device copy but where it goes next: the backup sends the saved passphrases to Google in a form Google itself can read, rather than encrypted under a key that only the user holds.

"With your home Wi-Fi password, an attacker can sniff Wi-Fi traffic outside your house (without connecting to your network) and then decrypt it all, passively eavesdropping on your private network," Lee wrote.

"If the attacker wants to do more active attacks, they can connect to your Wi-Fi network and mount a man-in-the-middle attack to eavesdrop on and modify any unencrypted Internet traffic," Lee added. "If you download a file, they can serve you a malicious version instead."
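The two points above, that the device keeps the passphrase in the clear and that the passphrase alone lets a passive listener decrypt the network's traffic, can be shown concretely. The following is an added example, not code from the article or from Micah Lee's post. It assumes the saved-network store is a wpa_supplicant.conf with plaintext psk="..." entries (the sample file is constructed, not captured from a device) and that the network uses WPA/WPA2-PSK, whose pairwise master key is PBKDF2-HMAC-SHA1 over the passphrase and SSID and whose session keys are a PRF over that key plus parameters that any nearby sniffer can capture from the 4-way handshake.

```python
"""
Added example (not the article's or Micah Lee's code): parse the kind of
saved-network file Android keeps, list which networks store a plaintext
passphrase, and derive the WPA2 keys that passphrase gives an attacker.

Assumptions (not stated on the page):
  * wpa_supplicant.conf format with psk="..." entries; sample is constructed.
  * WPA/WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096, 32 bytes),
    PTK = PRF-512(PMK, "Pairwise key expansion", MACs || nonces).
"""
import hashlib
import hmac
import re

# Constructed sample in the style of Android's /data/misc/wifi/wpa_supplicant.conf.
SAMPLE_WPA_SUPPLICANT_CONF = """
network={
        ssid="IEEE"
        psk="password"
        key_mgmt=WPA-PSK
        priority=3
}
network={
        ssid="coffee-open"
        key_mgmt=NONE
}
network={
        ssid="ThisIsASSID"
        psk="ThisIsAPassword"
        key_mgmt=WPA-PSK
}
"""

NETWORK_BLOCK = re.compile(r"network=\{(.*?)\}", re.S)
FIELD = re.compile(r'^\s*(\w+)=("?)(.*?)\2\s*$', re.M)


def parse_saved_networks(conf):
    """Return one {ssid, psk, key_mgmt} dict per network={...} block."""
    nets = []
    for block in NETWORK_BLOCK.findall(conf):
        fields = {key: value for key, _quote, value in FIELD.findall(block)}
        nets.append({"ssid": fields.get("ssid"),
                     "psk": fields.get("psk"),
                     "key_mgmt": fields.get("key_mgmt", "")})
    return nets


def plaintext_psk_networks(nets):
    """Networks whose passphrase sits in the file (and so in the backup) in the clear."""
    return [n for n in nets if n["psk"] is not None]


def wpa_pmk(passphrase, ssid):
    """802.11i passphrase-to-PSK mapping: PBKDF2-HMAC-SHA1, 4096 rounds, 256 bits.
    With the passphrase known this is one cheap call; without it an attacker
    must run it once per guess, which is the whole cost of a dictionary attack."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def wpa_ptk(pmk, ap_mac, sta_mac, anonce, snonce):
    """802.11i PRF-512: expand the PMK with the 4-way-handshake parameters into
    the 64-byte pairwise transient key. MACs and nonces travel unencrypted in
    the handshake, so a passive sniffer has everything but the PMK."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    out = b""
    for i in range(4):
        msg = b"Pairwise key expansion\x00" + data + bytes([i])
        out += hmac.new(pmk, msg, hashlib.sha1).digest()
    return out[:64]


def session_keys(ptk):
    """Split the PTK: KCK verifies handshake MICs, KEK wraps the group key,
    TK is the key that decrypts the station's unicast data frames."""
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def keys_from_backup(conf, ssid, ap_mac, sta_mac, anonce, snonce):
    """What the holder of a backed-up passphrase can compute for one captured
    handshake on the named network; None if that network has no stored PSK."""
    for net in plaintext_psk_networks(parse_saved_networks(conf)):
        if net["ssid"] == ssid:
            ptk = wpa_ptk(wpa_pmk(net["psk"], ssid), ap_mac, sta_mac, anonce, snonce)
            return session_keys(ptk)
    return None


if __name__ == "__main__":
    nets = parse_saved_networks(SAMPLE_WPA_SUPPLICANT_CONF)
    for n in plaintext_psk_networks(nets):
        print(f'{n["ssid"]}: passphrase {n["psk"]!r} stored in the clear')
    # Constructed handshake parameters standing in for a sniffed 4-way handshake.
    keys = keys_from_backup(SAMPLE_WPA_SUPPLICANT_CONF, "IEEE",
                            bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"),
                            b"\x11" * 32, b"\x22" * 32)
    print("TK for IEEE:", keys["tk"].hex())
```

The PMK for the first sample network matches the IEEE 802.11i Annex test vector for passphrase "password" and SSID "IEEE", which is a useful sanity check when reimplementing this. The open network in the sample is listed without a psk on purpose: the parser must not treat a missing field as an empty passphrase.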

In a statement to tech blog Ars Technica, Google said that Android backup data was "encrypted in transit, accessible only when the user has an authenticated connection to Google and stored at Google data centers, which have strong protections against digital and physical attacks."

The Google representative did not say whether the data is also encrypted at rest on Google's servers, or whether Google itself holds the key to it, but added that disabling backup on an Android device causes the backups held by Google to be erased.

Lee noted that since Google at least partly cooperates with NSA data-mining operations, it's possible that the spy agency could get hold of Wi-Fi passwords.

The Android backup feature is turned on by default on stock Android devices, which includes the Nexus line of smartphones and tablets. It can be switched on or off under Backup & Reset in the stock Android Settings menu.

(Manufacturers that tweak their Android builds, such as Samsung or HTC, have their own policies.)

Backup is also part of the standard Android application programming interface (API): third-party apps can opt in and have their own data sent to the same cloud store, so that it can be restored if the device is lost, wiped or replaced. An app that opts in should therefore keep credentials and other secrets out of what it hands to the backup service.