Skip to main content

Backing Up Android Means Giving Google Passwords

Did you know Google is collecting Wi-Fi passwords saved on Android smartphones and tablets? You can thank the baked-in backup feature in Android for this, as the platform sends personal data into the cloud so that when users purchase a new Android device or need to restore one to factory defaults, all settings can be restored after signing into a Google account, even Wi-Fi passwords.

Say, for instance, you have the first-generation Nexus 7 tablet. Before Android 4.3 "Jelly Bean", it was a necessity to restore the tablet back to factory defaults in order to clean out the unused data (garbage) piled on the internal storage. Once the tablet was cleaned and signed back into the Google account, it re-downloaded all apps and settings previously installed on the device. Initially you can't even tell that the tablet restored all Wi-Fi settings because you've already enabled primary access prior to re-installing Android.

MORE: How The NSA's Spying Keeps You Safe

"A wide variety of your personal data is backed up, including your Wi-Fi passwords, Browser bookmarks, a list of the applications you’ve installed, the words you’ve added to the dictionary used by the onscreen keyboard, and most of the settings that you configure with the Settings application," states the Users Guide on page 374."Some third-party applications may also take advantage of this feature, so you can restore your data if you reinstall an application."

The backup storage option has been around since Android 2.2 "Froyo", and is enabled by default. In Android 4.1.2 this option is listed under Settings/Privacy and clearly reads "back up app data, Wi-Fi passwords and other settings to Google servers". In Android 4.3, this option can be found under Settings/Backup & Reset. This feature is definitely super convenient for users who switch Android devices often (cough), but it's also a little scary given that Google does not encrypt consumer-based stored data on the server side, only when it's transmitted.

Apparently the big recent stink surrounding the Android backup feature is that Google can actually read those Wi-Fi passwords because they're stored in plaintext. That doesn't mean Google employees are digging through the database reading the passwords of millions of Android customers. That means government agencies requesting user data will have no problem taking that easily readable information and logging into your local network.

"Since backup and restore is such a useful feature, and since it's turned on by default, it's likely that the vast majority of Android users are syncing this data with their Google accounts," said Micah Lee, a staff technologist at the Electronic Frontier Foundation. "Because Android is so popular, it's likely that Google has plaintext Wi-Fi passwords for the majority of password-protected Wi-Fi networks in the world."

Paul Ducklin of security firm Sophos points out that the list of Wi-Fi networks on an Android device is likely larger than the single access point in the user's home (I have four just in my house). Thus each Android device backing data up into the cloud is essentially helping Google add to the already extensive maps of Wi-Fi access points built up over the years. The solution, then, is to encrypt everything on the device before backing up into the cloud.

"The problem with that is it's not quite as convenient, not least because there's no password-free way to recover that backed-up data, for example if you forget your password. That's the dilemma we all face," he writes. "Are you prepared to accept a digital equivalent of locking your keys in the car forever (for example if you forget your full-disk encryption password and didn't save the recovery key)? Or would you prefer to have what amounts to a backdoor to your own, or worse still, to other people's, personal information?"

Good question. Sometimes I think it would  be better to just go back to rotary phones and using books to access information. Regardless, if you don't want Google storing your personal information, then turn off Android's backup feature.

  • killerclick
    The best thing would be if we had some open source (and heavily vetted) software that could do the encryption (with 512 bit keys or whatever) locally and then just back up the encrypted results to cloud storage where they Google can print them on a billboard if they like.
    Reply
  • wemakeourfuture
    @killerclick: best thing is if the OS company respected individual privacy. Google is notorious on all platforms from hording user's information, hence why I could not own a Google based phone. The trust factor I have with them is zero and if you can't trust the company then a few extra features here and there are irrelevant.
    Reply
  • Jay Shanker
    Oh no ! Google is going to hack my WiFi network from a few thousand miles away.
    Reply
  • Dantte
    @wemakeourfuture So if you "could not own a Google based phone" what kind of phone are you going to get, because Apple is some much better, right?
    Reply
  • ddpruitt
    Oh my God! Google has access to millions of default 2wire and linksys WiFi passwords and networks that take only a few seconds to hack!

    Oh the humanity!

    Seriously, 99% of those passwords they can already Google given that very few people properly secure their Wireless networks.
    Reply
  • warezme
    I checked my HTC One, there are two options, Backup and Reset. The backup option states backup to the cloud and mine I disabled from the beginning since it has the word cloud in it. That should be all you need to do.
    Reply
  • os2baba
    @killerclick I use Truecrypt to back up sensitive files to Dropbox. Not that it helps in this scenario. When Google backs up your data, most of it is apps and photos (I don't believe it backs up app data). There are others like the wifi passwords that it backs up. So you need selective encryption. The next question is who do you want this data protected from? Google? The Govt.? If yes, then you will need to provide the password. Google would have to do some fairly sophisticated threading to ensure that the rest of your data that is unencrypted can be restored if you forget the password. Too much effort. They will probably just use the hammer. If you forget your password, you lose all of it.
    Reply
  • clemh
    Windows 8 is doing this too. I brought a brand new laptop to an out of town location where I previously used another laptop, and I didn't have to enter a password to access the WPA2 password protected network.
    Reply
  • greenmachineiijh
    If you already have the backup running you cannot simply turn it off to remove your information. Google already has it and it is stored forever. You need to turn it off AND change all your network information AND not turn it back on AND remember if your phone gets run over or falls in a lake that all of your settings, information, apps, phone numbers, etc. are lost forever.

    Which way do you want to go...
    Reply
  • Akizu
    Who cares about wi-fi passwords? If someone has a password to my wi-fi he still needs to get in its range to access it... And even then he will have access only to my internet connection and my collection of movies and music in shared folders... Really sensitive informations like firefox encryption key for example aren't backed up.

    If you want your wi-fi to be 100% safe just set your router to connect only with white-listed devices, but then you will have to open your router's settings panel whenever you want to connect a new device.
    Reply