While looking for something to post in this blog I came upon a couple of websites that all said the same thing “HTC Massive Security Vulnerability” Since I own an HTC phone I became intrigued and read what the security flaw was. Some Sense-enabled HTC phones that allow apps with internet permissions can gain access to your private data. Most of the hones at risk are the newer HTC models using Sense, like the Thunderbolt and EVO 3D, include an app called HTCLoggers, this app collects data such as: phone numbers, call logs, email addresses, user accounts, last network and GPS locations, IP addresses, full memory information, battery info/ status(charging and wake lock history). All this data is then send back to HTC where anyone with some computer knowledge can have access to it. The way this is allowed to have your information is by requesting a single android.permission.INTERNET, this is very common for many apps that connect to the web.
HTC is aware of the issue and they’ve stated “HTC takes our customers’ security very seriously, and we are working to investigate this claim as quickly as possible. We will provide an update as soon as we’re able to determine the accuracy of the claim and what steps, if any, need to be taken.” There are ways to fix the problem; one of them is to remove HTCloggers from a rooted device, the other is not to download any suspicious apps. My phone is an HTC Aria and it doesn’t get any internet reception so I don’t think I should be too worried, but do any of you have an HTC phone that could be in danger?
http://rootzwiki.com/content.php?331-HTC-Security-Bug-Leaks-Your-Personal-Info
http://www.androidpolice.com/2011/10/01/massive-security-vulnerability-in-htc-android-devices-evo-3d-4g-thunderbolt-others-exposes-phone-numbers-gps-sms-emails-addresses-much-more/
http://www.engadget.com/2011/10/02/htc-security-vulnerability-said-to-leak-phone-numbers-gps-data/
Like this:
Like Loading...
