HTC Peep Vulnerability Update
XDA Moderator Noonski let us know about an interesting article published today regarding HTC Peep vulnerability. Despite we have known about this since August 2010, there was no published fix for this problem. According to the original article, the default Twitter client in HTC devices, HTC Peep, is vulnerable to two different credentials disclosure vulnerabilities during the authentication process against the Twitter service (twitter.com). The first vulnerability resides in the third HTTP request, a POST request towards the “/oauth/authorize” resource, which contains several parameters, including the Twitter user name and password in the clear, making the authentication process vulnerable to eavesdropping attacks.
The latest information claims that there is a fix: HTC replies back informing “…that for the time being the update hasn’t yet been released on the website however, any customer who wishes to download it can contact us and we will send it out to them”.
Originally posted by Noonski
Maybe of interest
HTC Peep vulnerability.
Thanks to our friend and XDA member pof for the tip
Want something on the XDA Portal? Send us a tip!
Apps are at the front and center of any smartphone experience, and with over a million apps on the Google Play Store and new apps being submitted to our forums every day, staying up to date on the latest apps and games can be a hassle. At XDA, we don’t discriminate apps - if it’s interesting, innovative, original or useful, we mention them. The XDA Portal Team loves apps too, and we usually share and discuss the latest app releases...
A few people in the comments were surprised to find out that a number of the XDA staff actually use two phones in The Devices Behind the XDA Team feature. So we're interested in knowing how many of you rock two phones, whether it may be for work, fun, or otherwise. Let us know in the comments section below!
The majority of users here at XDA will feel fierce brand loyalty for a company, whether it is Android itself, their phone’s OEM or something else entirely. It’s a topic that is shown constantly in the great “which is better” debates and whilst we may give it willingly in return for a quality product, many companies see much higher levels than others. Be Together Not The Same One of the many perks we have as Android users is the...