Skip to main content

HTC phones: giant security hole discovered

HTC inadvertently opened a wide security hole in some of its most-recently released phones, like the EVO 3D and EVO 4G. The vulnerability, discovered by the crew at Android Police, potentially exposes a broad range of private user data, including email addresses, GPS locations and phone numbers.

The security hole appears to be a residual consequence of HTC’s latest update to the phones, which recently received a new logging tool and seems to be where the problem first showed up.

The problem exists in any app that connects to the Internet, specifically ones that send out the android.permission.INTERNET request, which, according to Android Police, “is normal for any app that connects to the web or shows ads.” Ordinarily, apps that send out this request can only find out whether you are connected to the Internet. With the security hole in place, all apps that send out such a request are found to have access to:

  • list of users accounts, email addresses and sync status for each address
  • last recorded network and GPS location, and a short list of previous such locations
  • phone numbers from the phone log
  • SMS data, including phone numbers and encoded texts
  • system logs (which may give access to additional personal data)

Amazingly, the list goes on and on. Android Police also found that notifications in the notification bar, IP addresses, CPU data, battery info, a list of installed apps and more are also exposed by the security hole. (For the detailed list, visit Android Police‘s post here.)

At present, the only way to patch the hole yourself, HTC user, is to root your phone and manually remove the “APK” file that logs all your actions. Unfortunately, rooting is a process that can be difficult for users who aren’t familiar with the process. But given the serious nature of the security hole, be assured that HTC will release an official patch of its own very soon. Until then, be careful what apps you download to avoid handing over your info to malicious entities.

Editors' Recommendations

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
Sony’s new 3D tech push isn’t for TVs — it’s for our phones
Honor View 20 review

Sony's IMX586 camera and a 3D sensor on the back of the Honor View 20 smartphone. Andy Boxall/Digital Trends

Sony is hyping up 3D technology. We know what you’re thinking -- the last time we were told 3D would change our lives, the powers that be were mistaken. However, this time things could be different, as the 3D itself is not on our televisions, but in our phones. Sony has started to push new, improved 3D sensors for better-than-ever face unlocking, plus more depth and new features to make the growing world of mobile augmented reality way more compelling.

Read more
Capture app saves money by 3D scanning objects using iPhone’s TrueDepth camera
Apple iPhone X FaceID TrueDepth Camera

Capture: 3D Scan Anything

Like 3D printing is to regular two-dimensional printing, so too does 3D scanning open up a realm of possibilities we couldn’t have imagined with our old flatbed Epson image scanner. The ability to easily scan every facet of an object and then share the resulting three-dimensional model is one of those examples of technology  that seemed like science fiction just a few years ago. The problem is that it’s also been pretty expensive. For example, the nifty Artec Leo -- a device we got to check out at CES 2018 -- costs $25,800. That’s an acceptable price tag for a product aimed at industrial engineers and medical institutions, but it’s a bit too pricey for your average consumer.

Read more
Latest Apple patents hint at 3D iPhone effects, flexible batteries, and more
nba augmented reality iphone news ar 2

It's that time of week again! Last week we looked at patents related to an upgraded Apple Pencil, but now Apple has been awarded a fresh set of patents that may give us a few hints into what the company is working on -- including patents related to flexible batteries, finding your way around a building, and creating a 3D effect on a 2D display.

Here is everything you need to know about Apple's latest set of patents.
Flexible batteries
The first patent could help make give your iPhone a much longer battery life. The concept is that flexible batteries can not only be shaped to better fit into a phone, but they can also move depending on the movement of components inside of an iPhone. The flexible batteries are made up of battery cells placed along a flexible substrate, allowing the battery as a whole to bend as it needs.

Read more