Skip to main content
  1. Home
  2. Mobile

HTC phones: giant security hole discovered

By
Image used with permission by copyright holder

HTC inadvertently opened a wide security hole in some of its most-recently released phones, like the EVO 3D and EVO 4G. The vulnerability, discovered by the crew at Android Police, potentially exposes a broad range of private user data, including email addresses, GPS locations and phone numbers.

The security hole appears to be a residual consequence of HTC’s latest update to the phones, which recently received a new logging tool and seems to be where the problem first showed up.

Recommended Videos

The problem exists in any app that connects to the Internet, specifically ones that send out the android.permission.INTERNET request, which, according to Android Police, “is normal for any app that connects to the web or shows ads.” Ordinarily, apps that send out this request can only find out whether you are connected to the Internet. With the security hole in place, all apps that send out such a request are found to have access to:

  • list of users accounts, email addresses and sync status for each address
  • last recorded network and GPS location, and a short list of previous such locations
  • phone numbers from the phone log
  • SMS data, including phone numbers and encoded texts
  • system logs (which may give access to additional personal data)

Amazingly, the list goes on and on. Android Police also found that notifications in the notification bar, IP addresses, CPU data, battery info, a list of installed apps and more are also exposed by the security hole. (For the detailed list, visit Android Police‘s post here.)

Related

At present, the only way to patch the hole yourself, HTC user, is to root your phone and manually remove the “APK” file that logs all your actions. Unfortunately, rooting is a process that can be difficult for users who aren’t familiar with the process. But given the serious nature of the security hole, be assured that HTC will release an official patch of its own very soon. Until then, be careful what apps you download to avoid handing over your info to malicious entities.

Editors' Recommendations

Topics
Andrew Couts
Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
How to turn off Activity Status on Instagram
Instagram on an iPhone.

Instagram is a popular social networking site that allows users to communicate through text, photos, and videos. One of its features is the app's Activity Status, which lets users know when someone was last active on the app or if they are currently online.

Read more
Grab a 4-pack of Apple AirTags while they’re on sale
Person holding an Apple AirTag.

If you're one of those people who always keep misplacing their stuff, then you may want to take advantage of Walmart's offer for the Apple AirTag. Four of the Bluetooth trackers, which will make sure that you never lose anything again, are available for just $80, following a $19 discount on the bundle's original price of $99. There's no telling how long this lowered price will last, so if you think you'll find some use for these tracking devices, it's highly recommended that you proceed with the purchase as soon as possible.

Why you should buy the Apple AirTag
The Apple AirTag is highlighted in our roundup of the best Bluetooth trackers as the top choice if you're invested in the iOS ecosystem. In addition to a quick and easy one-tap setup to link the tracking device to your iPhone or iPad, the Apple AirTag uses Apple's Find My network to keep track of your things. Precision Finding with Ultra Wideband technology will lead you to your Apple AirTag, with the help of the millions of devices in the Find My network that will work together to locate your missing item when you activate Lost Mode.

Read more
Huawei’s gorgeous Pura 70 phones just got expanded availability
Huawei Pura 70 pink, green, white, and black colors.

Huawei Pura 70 Huawei

After being announced for China in mid-April, the Huawei Pura 70 series is now confirmed for the EU market. Those in the European market can expect to preorder the Pura 70, Pura 70 Pro, and the top-tier Pura 70 Ultra starting May 2 for 999 euros, 1,199 euros, and 1,499 euros, respectively. This pricing is in line with what we saw in China, with the Ultra coming in at 9,999 yuan ($1,400) and the base Pura 70 at 5,499 yuan ($760).

Read more