Nearly all Android smart phones running a version of the operating system prior to 2.3.4 are potentially "leaking" sensitive data, according to researchers at the University of Ulm. Here's what you need to know to stay safe and keep your information to yourself.
Certain Android applications, including ones officially bundled with the OS such as Calendar, Contacts and Picasa, send certain data, including authentication tokens (a form of password used to identify a user), in a clear rather than encrypted format.
Worse still, these tokens have a long life (up to 14 days) and aren't attached to the phone from which they originated. This means hackers could steal a legitimate user's credentials and use them elsewhere on a different handset."
Link to Original Source