liwen · Feb 3, 2012 at 08:30 am

Bug In HTC Sense May Reveal WiFi Passwords, Fixes Are Underway

A security flaw in certain HTC Android builds allows third-party applications to access WiFi passwords. The flaw was discovered last September by Chris Hessing and Bret Jordan, who contacted HTC privately before publicly disclosing details.

Considering the list of affected devices – which includes the Desire HD, Glacier, Droid Incredible, Thunderbolt, Sensation, Desire S, EVO 3D and EVO 4G – it appears that the bug is related to some HTC-specific Android modifications in its custom Sense UI. The myTouch 3G and Nexus One, which both run stock Android software despite being manufactured by HTC, do not have this issue.

Since being informed of the security flaw, HTC has already incorporated fixes into regular OTA updates for “most” devices, though we do not know which ones. For those devices that haven’t gotten an automatic fix yet, HTC will provide a manual fix next week, as a statement on its support site reads:

HTC has developed a fix for a small WiFi issue affecting some HTC phones. Most phones have received this fix already through regular updates and upgrades. However, some phones will need to have the fix manually loaded. Please check back next week for more information about this fix and a manual download if you need to update your phone.

Read more details at My War With Entropy (via Techmeme).


_________
Want something on the XDA Portal? Send us a tip!
TAGS:
Emil Kako · Feb 26, 2015 at 12:30 pm · 1 comment

What Bugs You Most About Google’s Play Store?

Google announced today that it will be bringing ads to the Play Store, and while that will surely annoy the majority of us, it isn't the only thing that sucks about the Play Store. From the lack of clear communication with developers to ridiculous restrictions, there are a handful of very annoying things about Google's approach. Let us know what bugs you the most about the Play Store.

DISCUSS
Mario Tomás Serrafero · Feb 26, 2015 at 11:32 am · 1 comment

Watches: Luxurious Frivolity vs. Humble Practicality

Smartwatches still have a lot of growing up to do. Not too long ago the latest Canalys figures revealed a rather disappointing outcome for 2014, something we covered with the ultimate conclusion that, once again, smartwatches had no year. The direction of smartwatches is unclear to even the biggest OEMs, and with every new option there seems to be polarizing dissonances from what people and OEMs want and what they both think they want. We've documented many of the reasons as to...

XDA NEWS
Mathew Brack · Feb 26, 2015 at 10:28 am · no comments

Do ISPs Abuse Their Power?

Every day, the majority of us use the internet through several different internet service providers, but what we may not think about whilst using this service is how much control these companies have over our experience. AT&T recently launched their rival to the Google Fiber service and subsequently looked for a way to further monetize on their offering. For an extra $29 on top of the $70 monthly charge, you can buy your privacy back from them. Otherwise expect online adverts...

XDA NEWS
Share This