Bug In HTC Sense May Reveal WiFi Passwords, Fixes Are Underway
A security flaw in certain HTC Android builds allows third-party applications to access WiFi passwords. The flaw was discovered last September by Chris Hessing and Bret Jordan, who contacted HTC privately before publicly disclosing details.
Considering the list of affected devices – which includes the Desire HD, Glacier, Droid Incredible, Thunderbolt, Sensation, Desire S, EVO 3D and EVO 4G – it appears that the bug is related to some HTC-specific Android modifications in its custom Sense UI. The myTouch 3G and Nexus One, which both run stock Android software despite being manufactured by HTC, do not have this issue.
Since being informed of the security flaw, HTC has already incorporated fixes into regular OTA updates for “most” devices, though we do not know which ones. For those devices that haven’t gotten an automatic fix yet, HTC will provide a manual fix next week, as a statement on its support site reads:
HTC has developed a fix for a small WiFi issue affecting some HTC phones. Most phones have received this fix already through regular updates and upgrades. However, some phones will need to have the fix manually loaded. Please check back next week for more information about this fix and a manual download if you need to update your phone.
Read more details at My War With Entropy (via Techmeme).
Want something on the XDA Portal? Send us a tip!
I've been using a T-Mobile Galaxy S6 since the device launched with T-mobile's service. However, over this past holiday weekend I knew I would be in an area without reliable T-Mobile service. So, I opened up T-Mobile's default "Device Unlock" app , pressed unlock, and placed my AT&T SIM card in the device. Everything seemed to be working fine: strong signal, great LTE, good voice calls - until day 3. On Sunday, my Galaxy S6 felt very hot to the touch and...
Probably all of us reading this have a smartphone in our pocket. For many of us, the smartphone has become our primary method of reading and writing e-mails, messaging, and browsing the web. Though proclamations that "smartphones have replaced the personal computer" typically fall on deaf ears, the statements aren't without merit. Indeed, smartphones have "replaced"—or more accurately, "displaced"—PC's in several areas that they have traditionally been dominant. But how many of you look into your pocket, or on your desk, and...
In our recent Discuss article, we asked you readers on which OEM you would like to help. While the answers we received were varied, a lot of these responses and top comments stood out for helping one OEM: Sony. Some excerpts from our discussion are as below: And many more follow suit. Needless to say, many believe that Sony Mobile as a company is great and is worth saving. And all of these would be happy to hear that Sony will...