Android Wifi backup option

If you let Google back up your Wifi passwords, then Google has your Wifi passwords

The Internet has worked itself up into a bit of a tizzy over the weekend about an innocuous system-level feature that’s been around since Android 2.2 Froyo. The “Back up my data” option — found under “Settings > Backup & reset” on most Android phones — allows certain stuff, including Wifi passwords, to be backed up to the cloud. The current setting label reads:

“Back up application data, Wi-Fi passwords and other settings to Google servers.”

And that’s exactly what it does. Uncheck the box and you’re informed that Google’s copy of the data will be purged from its servers, as it should be.

The checkbox is presented to users during the setup process, and the label is very clear about what will happen if you leave it enabled. The reason for the feature’s presence is also plain to see — it’s supposed to make the process of setting up new devices a little quicker by pulling down your personal settings and network details from the cloud. Yes, including your Wifi password.

If you’re not comfortable with Google keeping a copy of your stuff, simply uncheck the box. Same deal if you change your mind after the fact — uncheck the box, and Google’s copy of your Wifi passwords goes up in smoke. It’s been that way since the feature was first introduced some three years ago.

But in light of the recent controversy over government surveillance, the story seems to have taken on a new angle, with articles appearing suggesting Google is creating a vast database of all the world’s Wifi passwords in one convenient, NSA-accessible place.


While it’s true that Google, as an American company, could be compelled to surrender this data to the authorities, Wifi passwords are perhaps some of the least sensitive bits of data stored with your Google account. Next to the wealth of very personal information with which Google is entrusted, Wifi passwords, easily changed and easily removed from Google’s servers, are a minor detail.

Were Google collecting this stuff covertly through Android, it’d be a more serious matter. But the data backup feature is plain to see whenever you set up any Android device, while being easy to disable at any time. And that’s exactly what it is — a backup. You’re not giving Google permission to sniff around your networks independently using these details.

In a statement given to Ars Technica in July, a Google spokesperson said that the personal backup data is “encrypted in transit,” but couldn’t speak to whether it was encrypted on Google’s servers. From an anti-snooping perspective, though, the question of whether it’s encrypted “at rest” is mostly academic. Unless extraordinary measures were taken, Google would surely have the means to decrypt it, and would be required by law to do so. Perhaps more to the point, if a government agency really wants to surveil your home network, they probably don’t need Google’s help to do so.

It’s also worth noting that the situation with regard to storing Wifi passwords in the cloud is by no means limited to Android — Apple’s iOS stores Wifi details (among other things) in iCloud backups. That’s why restoring an iPhone also brings back your Wifi passwords. Microsoft’s Windows 8 has a similar feature, too. As more of us juggle multiple devices, this kind of thing is going to become more common.

So as with many other Android “security” scares, we’re not going to lose any sleep over Google’s backing-up of our network details. But if you’d rather opt out, you’re just one checkbox away, just as you have been for the past three years.


Reader comments

Android's Wifi backup feature is neither new, unique nor dangerous

93 Comments

Agree with letting Google hold the passwords or not... If you think your wifi password is stopping the NSA from getting onto your wireless network if they want to then you're just kidding yourself.

I am more concerned google will be hacked or somehow leak my data than our incompetent government would care about snooping at me.

And your WiFi password will be valuable to.... who exactly? Change it on a regular basis, and there's no security issue here. at all.

I feel like my dad has set up a secure enough network that even the NSA can't access. First, the network isn't broadcasting its name. Second, he uses a white-list for devices that can connect to anything on the network. It's a pain to bring a new device home because you need to wait for him to come home and add the device to the list.

Posted via Android Central App

Networks with hidden SSIDs can be easily found with software such as InSSIDer.

Once a hacker gets far enough to see the wifi traffic (even if it won't let them actually 'connect'), they can then see the MAC addresses of all the devices that are on the network. They can then easily spoof a MAC address to get them onto the network, surpassing any mac address white list.

Hidden SSIDs and mac address filtering are a little extra security to keep your neighbors out, but any average hacker can easily get past.

Please tell me he at least uses WPA2 as well right? Hiding a network and using a white list is not creating a secure network.

LMAO, good luck in fooling yourself that your Dad's wifi can never be accessed by NSA or ANYONE! What a moron. NOTHING is safe from these sources. If you think not, you're completely stupid. HAHAHAHA

Geez, guy, no need to berate the poor kid. He's talking about how his dad set up his home wi-fi network, not claiming to be a security expert. Sure, the NSA can probably bypass that, but couldn't you explain that nicely instead of being an immature arse?

This is the exact mindset the NSA wants you to have.

Say your Dad Networking level is 100 there are people out there who are god like in power.. more like level 9000. You can never imagine how good they are. They are so powerful and unstoppable and they don't even see your Dad's setup as having a Security.

My advice.. Life is like a video game... Level up yourself.. Go to school and keep learning. Your post alone here contains some knowledge and this already makes you Level 29; you already have a good start.

Welcome to the real world, Kid.

Hiding an SSID doesn't secure the network, nor does "white listing" or MAC filtering as it is called. A MAC address can be sniffed and spoofed at will. Even encrypted traffic has to have its MAC address visible in plain text for every packet, otherwise layer 2 breaks.

WPA2 encryption itself is way more secure than either turning off SSID broadcast or MAC filtering. Bypassing the latter 2 is very trivial. To the point that as long as you have strong encryption it is pointless to use the other two as a security measure. Not to say that encryption isn't susceptible to hacking either.

I can hack your password driving by your house in less than 10 minutes. I do not need to hack Google...

Here's the thing: There are millions of people using this feature. I highly doubt Google or the NSA will come to your location and connect to your WiFi network, unless of course, you did something illegal.

They monitor people from their own offices. They aren't going to waste time coming to your house, parking on your street, and waiting for you to get on the Internet and watch what you do unless they have a very good reason.

Not only NSA. FBI, DEA, local and State police and probably others...monitoring and perhaps random collecting under other pretexts. The scope of possible privacy breaches is large. That can't be good.

Posted via Android Central App

Hey you providing the password and router SSID is much easier than driving the Google street view car around everywhere and simply jacking them! Geezzzzzz and it saves gas which saves the planet! You think the people would be happy for once?! LMAO! :p

5TH

This stupid fake "controversy" was started by Apple-fanboy site BGR in response to criticism over Apple's fingerprint scanner concerns.

My only complaint with the feature is that it's wildly inconsistent. After wiping and loading ROMS a dozen times, I think maybe 40% of the time it has actually restored my passwords.

Google really needs to come up with an iCloud Backup type service that will restore an Android device, and all apps, instantly at login. Perhaps they could use Google Drive to store the files.

I use Titanium Backup but it's not nearly as easy to use as iCloud...

Uhh. Google has done this since the release of 4.2 I've never had any problems. Flash new ROM. Sign-in. All apps download, passwords, browser history, pics, everything syncs. I'm wondering if Titanium backup is messing with Google's backup. It even saves data and settings within apps (if they were programmed correctly by the developer). I'm not sure why it's not working for you. Check the "backup & reset" options in the settings menu. And when you first start a new ROM, select "Yes, I want to restore all my apps and data"

I've been getting full backup/restore (including apps) since 4.0. I jumped to 4.0 from 2.2 though, so I can't speak on whether it was available for 2.3 or 3.x.

Posted via Android Central App on my Galaxy Nexus

I use the Google Back up for all of my devices since my Droid 1, it has never saved my wifi password, every time I have to manually type it in.

That's weird. The backup service has restored my wi-fi configs every time I've loaded a ROM except for when I switched from CM to a Touchwizz ROM. Once I went back to CM, it restored the config perfectly.

Can't find this setting on my phone. I have a Razr M, any idea where it is or even if it's on my phone?

Posted via Android Central App

If people are that worried about their data then they need to stay off the grid all together.

Posted From my HTC One running PlayBook 3.0 via Android Central App

I never really got how the backup DATA worked. every time I change roms it only restores the app, not the actual data from the app.
I have to resort to third party backups.
Is this how it's intended to work?

I like this feature. I have a lot of wifi networks on my phone and it was nice not having to load all of them in when I got my Nexus 7.

I'll never trust Google until they reveal where they're hiding Elvis, Tupac and the aliens

Posted from my brand new, super slim, gorgeous red Droid Ultra

He's been so busy mapping "street view" of the backwoods ; ) No wonder he's always a step ahead of the damn trackers.

Had to use this feature three times this last week trying to fix a problem with my N 7. Was grateful to have it!

Posted via Android Central App

But...if Google has my wifi password....and it gets leaked....I'd have to (gasp) CHANGE it! Oh FORLORN!

Posted via Android Central App on my Galaxy Nexus

The shitty thing is that people are idiots, and they use the same password for their wifi router and their bank account. Seriously. People are that stupid.

I'm surprised that people still think that the ship of
Govt wants something from you = They WILL get it
hasn't sailed decades ago

When I first enabled this feature, I thought it was the most convenient thing in the world, especially when it comes to trying out new roms and the data wipes that usually come with it. I wasn't worried about security issues then, still not worried now. Of course I understood that you're backing up your wifi password, it states so in plain black-and-white and lets you choose not to enable it.

Of course, if you have it enabled already, you can easily disable it and then change your wifi password. The issue is with everyone else's wifi passwords that you shared with google. Part of good wifi security is changing your password on a regular basis, but if people actually followed good security practices then Windows wouldn't have gotten its reputation as a security nightmare.

Interesting,

All I know is that I received 2 replacement devices in July/August 2013. Then another in late August. Once I logged into my Google Play Account, most of my apps and the data reappeared on my current device. This included wi-fi passwords.

For my home networks (I have 2) I change the passwords periodically anyway.

This has been widely known for awhile so why is it an issue now?

There's one case to be concerned about saved wi-fi passwords. This saves the password for corporate wi-fi too. That's a little bit more important than a home wi-fi network. Google should at least give us more control over what it saves.

What does "Back up application data" mean? Does it include passwords for all yr apps including banking apps etc..?

Two states in the US legalize pot and 5 weeks later conspiracies start popping up all over the place! LOL

Paranoid much!

I think it's reasonable if you want to take the risk for the convenience, I'm glad there's a choice. But ridiculing people for being paranoid about security when personal data is regularly pillaged from large corps? I wouldn't call that paranoid, so much as justified.

correct me if I'm wrong, but....

(1) if the NSA or any other government agency or evil-doer gets your wifi password via Google server, won't they have to drive to within 100 feet of your house for this to be useful?

(2) is Google's encrypted server really that safe? I'm sure the NSA's supercomputers are way more powerful than anything that Google owns (

(3)

This is just ONE MORE reason that root won't be required. Before this, I had to backup wifi access points with Titanium backup and that required root. Now if I could just tether my unlimited plan without root (unless you're one of the select few who can use FoxFi) and the ability to do an entire system backup (like android) the only reason left to Root would be custom ROM.

That's not really news. End of July, the German IT news site heise.de reported this issue:

2013-07-16: http://www.heise.de/newsticker/meldung/Android-und-die-Passwoerter-Offen...
2013-07-20: http://www.heise.de/newsticker/meldung/Google-reagiert-auf-Kritik-an-And...
2013-07-24: http://www.heise.de/newsticker/meldung/Android-und-die-WLAN-Passwoerter-...
(use Google Translate if necessary)

First, obviously Google doesn't always delete the WiFi passwords after unchecking the box. Second, maybe your WiFi is of no interest for any type of secret service – but using this feature for company WiFi is highly dangerous. Third, Apple encrypts the data for backup on device and only then transfers the encrypted passwords into the cloud. For restoring you need the password you set for encryption. Apple cannot decrypt anything (as long as they implemented the algorithms without any faults).

So please: Don't pretend this not being a problem. It's quite a big problem, and Google could change this easily by just prompting for a password for encryption prior to uploading the backup.

If the data was encrypted on the device, and the private key (the part required for decryption) was only ever stored on the device, then you wouldn't be able to use the backed up data on a different device, making the backup *completely* worthless.

Not to mention this would become annoying, since these kinds of backups happen frequently, and usually while you're not using the phone. I *could* see an advantage to Google making it an optional thing, where you put in the password used to generate the hash used as a private key. I suspect, though, that a lot of people would forget their password ;)

Also, what is your source for this piece of information: "obviously Google doesn't always delete the WiFi passwords after unchecking the box" ? I don't see it being "obvious" at all, since everything from Google states the opposite.

Now, if you use a corporate WiFi, and they have a problem with it getting backed up to Google's server, that's something to take up with your employer.

It really *isn't* a problem. Of all the data I willingly surrender to Google, my WiFi password is the least of my worries.

As many others have said, if the NSA wants my information, they're not going to drive to my apartment and attach to my WiFi network to get it. They can already get it with a couple of keystrokes.

I think the wifi password issue is a valid concern. We have nothing but halfhearted assurances from Google about the security of the process and "Apple does it too!" is meaningless fanboy dreck. I still use backup on my S3, but I have no illusions about it being a secure process. Only a fool would actually "trust" a corporation like Google or any other, especially in light of recent events.

If you're referring to the Prism/NSA stuff, I don't think it's a "trust" issue with Google directly. Most of the big internet-based service providers have admitted that they have been (literally) forced to comply with this stuff and prevented from talking about it under threat of charges of treason.

Our problem, here, is not Google/Yahoo/AOL/Apple/Facebook/etc. Our problem is a gestapo government who thinks they have a right to do anything they like, so long as it's in the name of "providing security".

That said, the WiFi backup thing really shouldn't concern you so much. If the NSA wants your info, they're not going to drive all the way to your home and log onto your WiFi network to get it. They'll just send "tasking" orders to the router at your ISP to have the information routed to them at the comfort of their own offices.

I'm not worried about it, but it's perfectly valid to question Google about this and every other service they offer despite the author of the article urging everyone to essentially shut up and stop thinking about it. The conclusion that it's perfectly innocent is not based on any actual facts that I'm aware of. It probably is (I still use it), but no one outside of Google actually knows that for certain.

It's true that the NSA can get anything they want given enough time, but that doesn't mean that we should stop asking questions and demanding answers both from the government and the companies we entrust with our data.

What question is it that you're wanting answered? Whether or not this data is deleted if you uncheck the box? Technically, Google has already answered that question, since the message box says that it will be. If you don't trust that, then what additional assurance would you get from a Google employee saying "yes, it is"?

I agree with you that we should always ask for transparency in how our data is handled and what is being done with it. I think, in this case, Google has done all it can do with regard to telling you what is happening with this data. In fact, Google has gone to great lengths to provide us a way to view all this aggregated data that is attached to our accounts. If you don't trust one answer, why would you trust a confirmation of that answer?

It's not like this is some sinister line of code that has been discovered. It's a setting on every phone going back three years. We *know* what its intended purpose is. It explains what it does right there below the check box. The conclusion in the article is based on as much "fact" as you could possibly have, without personally, physically inspecting the code on Google's servers.

Besides, even if Google was sharing your WiFi password with the NSA, they wouldn't be able to tell you about it, thanks to all those FISA requests including a gag-order.

Just because it can be broken doesn't mean you should trust anyone with it who has no need to know. Backing up is also silly since if you forget it change it in the router. Just deleted from all my Androids.

Because some of us have hundreds of wifi access points we connect to? We don't want to have to go through the whole process of having to login to all those again?

Anyone trying to sneak their way on to someone's network by getting a password through an android phone backup to Google's servers will most likely have to go through a list of a few hundred networks before they find the one they are looking for (if they find it)

How long after one chooses to not let Google maintain a backup of data is that data "purged" as you put it...

In other words, how long is Google going to have that phone and network data (to use, for marketing+, or to provide in response to the frequent Government requests for our data...) ?

The article has two comments that suggest immediate complete erasure... but absent something stating this explicitly, it cannot be assumed -especially in today's data hungry environment..

Could you please elaborate?..Thanks

Posted via Android Central App

We're not talking about phone or network data here. You give that to Google all the time. The "panic" here is that (if you have this feature enabled) Google is storing your WiFi password on a server somewhere.

While true that the government probably *could* demand this information from Google with one of their gestapo "FISA Letters", they don't need to.

If they want your data, they don't have to get your WiFi password from Google, drive all the way to your house, connect to your WiFi and then "sniff" around your home network hoping they find something. They'll just send a "tasking" instruction to your ISP's router and wait for all your data to come to them.

See? Nothing to worry about ;)

Seriously, Google stores all of my emails exchanged with all my personal friends and family. Google having my wifi password is not exactly ranking high on my security concerns. If some Google employee wants to come sit outside my house and steal all the episodes of Adventure Time off my hard drive, I might as well let him. He clearly has nothing else going for him in life.

What if you don't have a way of unchecking the checkbox? Is there a way to remove this information from Google's servers without accessing the device?

Assuming it's attached to your account, and not someone else's, yes. Just access your Google account dashboard.

https://www.google.com/dashboard

If you've given it to someone else, and they've got it backed up to their account, then no. But, at that point, you've already given it out to another person, so are you really that concerned?

Either it does not work or I'm not using it correctly but I have to always enter my own wifi password for every new device I have gotten, 3 Nexus 4's and 3 Nexus 7's 2013 ( I had some issues and broke a few)

Perhaps more to the point, if a government agency really wants to surveil your home network, they probably don’t need Google’s help to do so.

I love you guys but you missed the point by at least 1 astronomical unit. A government needing to snoop on your home or anyone's home has to target one home at a time. A compromised Google system leaves god knows how many networks compromised in possibly one single datacollect. But again we have no idea how their system works in this regard. So knowing if at rest data is secure is damn important and moreso knowing what type of encryption the transmission method is using is just as important. In any event I turned off this feature simply from the standpoint that the NSA probably has a direct link on the internet's backbone and probably has something on a few of the core routers out there. I'm transmitting passwords all the time....I don't need to add my access point to that list.

I'm down with letting them keep my password. It made setting up my Nexus 7 extremely easy in July. My WiFi password is a bit convoluted to say the least.

Posted via Android Central App

Why would the government even NEED to get into your wireless network? With access to the backend (at ISP's) why would they even feel the need to see what is going on inside your house, I mean the communication between your devices is inconsequential, all the info they care about is moving in and out of the local network via your ISP, which they already have access to.

Silliness. Breaking into a WiFi network is absolutely trivial. The password might keep your neighbor from stealing your internet, but it's absolutely not going to stop any investigator who actually takes the time to drive within range.

Google should (IMO) break this out so that you can choose which data gets backed up so that you can save your contacts without storing WiFi passwords just to make this go away. But it's a wash really. In reality, my WiFi password is stored not just on my account, but presumably my wife's, both daughters' accounts, their boyfriends' accounts, and probably half their friends' accounts who come over.

With respect, Google's disclosure is neither clear nor complete, and it not only stores users' own WiFi networks' passwords, but those of networks on which they are trusted users. Also, whether or not Google "purges its servers" does not address whether it also purges the doubtless large numbers of backups of those servers. These data not only could give access to those WiFi networks, but also serve to associate accounts with particular networks. If, for example, an account was found to contain the non-public WiFi password to, say, an extremist group's compound network, that could implicate the account owner as a potential member of that group.

Google frequently claims transparency but largely fails at it. From the non-published list of companies Google owns and includes in its data collection (wholly owned subsidiary Zagat's, for example, is missing from Google's lists of its products, even though the Zagat Web site links to Google's privacy policy), to the still vague question of how much data Google is collecting and collating from its Glass users' environment, the company has too many fingers in too many pies for consumers to have any concept of how much data it collects, has, and uses. {Jonathan}

Windows Phone 8 (or windows) does NOT backup Wifi passwords to the Cloud. That is factually incorrect. Please point us to any article that claims this is true.

And no wonder my company does not rely on wifi passwords for security, instead has some convoluted certificate mechanism...
Most people miss the point: It isn't just about your home router wifi password. It is about every network you connect to. So all this while, when guests come home and use the wifi, they might as well have been uploading my wifi password to Google, even though: I wasn't an android user, they didn't know about this (not everyone is a geek), I didn't know about this. This is very sneaky.