orb3000 · Feb 4, 2011 at 06:00 pm

HTC Peep Vulnerability Update

XDA Moderator Noonski let us know about an interesting article published today regarding HTC Peep vulnerability. Despite we have known about this since August 2010, there was no published fix for this problem. According to the original article, the default Twitter client in HTC devices, HTC Peep, is vulnerable to two different credentials disclosure vulnerabilities during the authentication process against the Twitter service (twitter.com). The first vulnerability resides in the third HTTP request, a POST request towards the “/oauth/authorize” resource, which contains several parameters, including the Twitter user name and password in the clear, making the authentication process vulnerable to eavesdropping attacks.
The latest information claims that there is a fix: HTC replies back informing “…that for the time being the update hasn’t yet been released on the website however, any customer who wishes to download it can contact us and we will send it out to them”.

Originally posted by Noonski
Maybe of interest

HTC Peep vulnerability.

Continue reading.

Thanks to our friend and XDA member pof for the tip


_________
Want something on the XDA Portal? Send us a tip!

orb3000

orb3000 is an editor on XDA-Developers, the largest community for Android users. @orb3000 News Writer & Forum Moderator @xda-developers. Windows Phone/Android enthusiast, like HTC and flashing! 100% cert. free of i-products Xalapa, México View orb3000's posts and articles here.
TK · May 21, 2015 at 02:15 pm · 1 comment

Device Review: No.1 X1 Rugged Smartphone

We are almost at the end of Q2 for 2015, and we have seen most of the flagship phones for the year already. While flagship phones usually offer bleeding-edge specs and are the most sought after phones, there is a huge market for non-flagship phones. Some offer value, others offer unique differentiating features. Today, we are going to look at the X1 phone by a Chinese company named N0.1. The company promises a truly rugged IP68 Certified phone. The device has a Quad...

XDA NEWS
Emil Kako · May 21, 2015 at 01:10 pm · 4 comments

When a Friend or Family Member Asks for a Phone Recommendation, What Do You Tell Them?

The majority of us here at XDA would consider ourselves power users and Android enthusiasts. Thus, when a friend or family member has a question about which phone they should get, they usually come to us. However, this is where we all differ. While some will atomically recommend the Nexus line, others in the community will suggest an offering from Samsung or LG. When a friend or family member asks you for a phone recommendation, what do you say?

DISCUSS
Chris Gilliam · May 20, 2015 at 04:08 pm · 6 comments

Nexus 4, 5, and 9 OTA Downloads of 5.1.1

This month was a big one for Android 5.1.1 updates, as you can see from last week's roundup and the barrage of posts on the portal's front page in the recent past. So far we are seeing the lineup of Wear watches, the Nexus 4, Nexus 9, Nexus 10, Nexus Player, and a handfull of others slowly make their way to the latest Android. While waiting around for updates may be fine for casual users, this is XDA; we have OTA download links...

XDA NEWS
Share This