Security flaw uncovered in HTC phones

Security flaw uncovered in HTC phonesA trio of nerds has uncovered a rather worrying security hole in some HTC phones, which essentially allows any web-connected app to access a ton of your private junk.

User accounts including email addresses, GPS locations, the phone log, and SMS data are all thought to be at risk. Cripes.

The guys, Artem Russakovskii, Justin Case and Trevor Eckhart, have been poking around with various HTC phones. You can read about their findings in great detail – and I mean great detail – at Android Police. They liken the flaw to: “leaving your keys under the mat and expecting nobody who finds them to unlock the door.”

Affected phones are thought to include the HTC Evo 3D and HTC Thunderbolt (essentially the US HTC Desire HD).

Apparently HTC has yet to comment to Android Police directly, however the Taiwanese manufacturer told TechRadar: "HTC takes our customers' security very seriously, and we are working to investigate this claim as quickly as possible.

“We will provide an update as soon as we're able to determine the accuracy of the claim and what steps, if any, need to be taken."

Stay tooned…

Read more about: HTC Evo 3DAndroid

Add a comment
6 comments

JanSt / MOD  Oct. 4, 2011 at 12:31

"Nerds ...poking around"? Why so dismissive, dear co-mobotnik? :p

Those guys know what they're doing.

Anyway, HTC have acknowledged the issue, and promise an OTA fix...

http://www.technobuffalo.com/companies/htc/htc-confirms-security-vulnerability-promises-fix-soon/

I'm not surprised, btw...I do not trust Google's Ad-ware OS. So:

na, na ,nana, naaaah :p Won't be the last time, of course. Our info is the new currency numero uno, and nothing's free ;)

Treab  Oct. 4, 2011 at 13:01

your just jealous jan that android is successful and your preferred symbian is defunct :p

JanSt / MOD  Oct. 4, 2011 at 13:32

Treab, I do not care if people do not share my likes and dislikes, seriously ;)

BUT seriously - is that your comment? Weak! That is quite the nasty little "tweak" that HTC implanted.

Treab  Oct. 4, 2011 at 13:39

you mean its a mistake in the coding? same as the issue with the samsung at&t version of the samsung galaxy s2?

now this logger is found on most phones tbh its on apples iphone microsoft phones to understand glitches, but this one has obviously not been tweaked properly... for most people this glitch wont affect anyone as you need to download an app which is after the info and they are very rare.

JanSt / MOD  Oct. 4, 2011 at 13:56

Oh, but if you read a few other sources, you will find that it is "unusually" easy for app devs to exploit this "bit of code" ;)

Of course, you're right, the casual user will not notice - nor care. Until they care ;)

Treab  Oct. 4, 2011 at 15:15

it might not just be the casual users though...

even people like matty who use it constantly most likely wont... 500,000 apps and atm none have this ability and how many will be made to exploit this issue...

Email:

You don't need an account to comment. Just enter your email address. We'll keep it private.

Comment: