Major Security Flaw Found In Android HTC Phones
By James Lenhart


HTC is facing some serious scrutiny after it’s admission to a security hole that was found by the folks at Android Police. The vulnerability is a big one and could potentially reveal sensitive information that can be accessed by third-party apps if exploited properly. Currently, the flaw is found in recent versions of software installed on the EVO4G, EVO3D, Thunderbolt, and more.

HTC is known for their Sense UI which is commonly found on many Android devices. And what most people don’t know is that HTC spends a lot of time making sure it can log items — and I mean a LOT. It’s unclear if HTC logs these items to find future bugs, to prevent things like this from happening, or to really tick off the man. Whatever the motif it doesn’t look like it’s working out to well seeing as any third-party app can gain access to tons of information just by requesting it through android.permission.INTERNET.

Usually when installing a new application you accept the terms and quickly get on your way to playing around with your new app. Please be careful when doing this, because most apps use the INTERNET and will ask you if it can access it — if it’s not an app that you trust stay away. Again, if properly exploited the hacker could gain access to your user accounts, GPS locations, sync status, SMS data, phone numbers, and system logs. Some of the information in the latter may be useless as some of it is encoded, but that’s beside the point.

Be safe, not sorry.

[Via: Android Police]

Post Details