Video: HTC tinkered with Android to try and differentiate themselves, made it laughingly insecure

egg

It’s been discovered that recent HTC devices such as the EVO 3D, EVO 4G, Thunderbolt, and others, have a massive security bug that enables applications to read pretty much every piece of sensitive information on your device. HTC, in an effort to gather statistics on how people use their devices, installed a data logging application called HtcLoggers.apk on their latest devices. That application enables other applications who need permission to access the internet to read which accounts you’ve got configured on your Android device, which operator you’re using, phone numbers you’ve dialed, text messages you’ve been sending and receiving, your location … like we said, everything. Trevor Eckhart, who discovered this security bug, said he contacted HTC to alert them to what was going on. He waited 5 business days for a response, known as the RFPolicy, before making his discovery public. Hopefully now that HTC has egg on their face, they’ll rush to fix this and issue over the air updates.

How do you fix this problem immediately? Root your device and get rid of HtcLoggers.apk, simple as that. Do you now understand why whenever we review an Android device, we say that at the end of the day you’re better off just buying a Nexus? Now yes, some of the things manufacturers do to Android genuinely enhance the platform, but this HTC fuck up is going to tarnish not just their reputation, but Android’s reputation as well. Google likely isn’t going to be too please with that.

Anyway, what does HTC have to say about all this? The standard corporate speak you’d expect to hear about how they care about their customers, they’re looking into the situation, blah, blah, blah, please don’t hate us. The lesson here is, let us repeat it one more time, that if you want to go Android, buy a Nexus!

There’s a new one being announced this month too, so you’re in luck.

  • http://www.matthewdlyons.com/ matthewdlyons

    Interesting. I always think twice before allowing apps to access my logs. This is far worse.

    BTW. The title should read “…differentiate themselves…” not “…different themselves…”

    • http://www.intomobile.com/ Stefan Constantinescu

      holy embarrassing typo batman! it’s one thing if it’s in the article, but the freakin’ headline?! thanks for the eagle eyes.

      • http://www.matthewdlyons.com/ matthewdlyons

        No worries. It happens. I did a piece on my blog about proofreading that had typos. Doh!

Back to top ▴