Tuesday, October 4, 2011

Major security flaw with HTC Phones revealed

A group of security experts called Android Police discovered a major security issue with HTC smartphones running Android.

Due to a recent update from HTC, which among other things, implemented a system of log storage locations concerning the latest GPS locations, email accounts, information about encrypted SMS and content, phone numbers, information about what system processes we have running, unfortunately all this information can be  easily accessed. Virtually any application that requires access to android.permission.INTERNET can access the log made ​​by HTC mentioned above.
The whole process is exemplified in the clip below and the package used for the demonstration can be downloaded at http://infectedrom.com/showthread.php/559-Vunerability-1-Android-Security-Elevation. The solution to this problem currently is available only to users who have rooted the phone, but HTC is already aware of the situation.

The official statement concerning this issue is as follows:

,, HTC customers take security very seriously and are working on an investigation related to this alleged problem to find a solution quickly. We will provide an update to the operating system as soon as we determine whether the complaint is valid and, indeed, this isa problem for which repair operations must be carried out. "

No comments:

Post a Comment

Feel Free to tell us your what you think