A security researcher has discovered a serious flaw with the Facebook and Dropbox apps for both Android and iOS that puts all of your sensitive personal data at risk.

Anyone with access to your device can use a free piece of software that’s easily available on the internet to retrieve an unencrypted, plain text file from your device that provides access to your entire account — without requiring a jailbreak.

Social network Path came under great scrutiny after it was discovered that the app would upload a user’s entire address book to Path’s servers. The worst part, for iOS users at least, was Path never let them know. After a public apology, Path worked diligently to remedy the issue and came up with a few enhancements to the way they handle user privacy. Today, Path has rolled out an update to both its Android and iOS apps reflecting the changes and assuring users that they take their privacy seriously (or at least now they do).

When we think about security for our mobile devices, we’re usually protecting it from nefarious individuals. Well guess what? It apparently works both ways. In a story straight out of James Brown’s diary, the FBI is having a hard time busting a notorious San Diego pimp thanks to Android’s pattern lock feature.

There are plenty of anti-malware companies trying to scare the bejebus out of Android users, but Google wants to remind us that they have plenty of tools to keep malware at bay. Today Google revealed their automated scanning service, aptly named Bouncer, that constantly scans the Android Market for potentially malicious software. The Bouncer performs a set of analyses on all applications, new or old, as well as developer’s accounts. Hiroshi Lockheimer, VP of Engineering, explains the process over on the Google Mobile Blog:

HTC has acknowledged a WiFi issue with some of their Android handsets which could allow any Android application with the ACCESS_WIFI_STATE permission to view all the credentials of a Wi-Fi network. HTC has been working with Google since September to work out a fix and they’ve already patched most of the devices with OTA updates — but they have stated that some devices will need to be updated manually. According to the guys who originally discovered the vulnerability, phones affected by the bug include: