orb3000 · Feb 4, 2011 at 06:00 pm

HTC Peep Vulnerability Update

XDA Moderator Noonski let us know about an interesting article published today regarding HTC Peep vulnerability. Despite we have known about this since August 2010, there was no published fix for this problem. According to the original article, the default Twitter client in HTC devices, HTC Peep, is vulnerable to two different credentials disclosure vulnerabilities during the authentication process against the Twitter service (twitter.com). The first vulnerability resides in the third HTTP request, a POST request towards the “/oauth/authorize” resource, which contains several parameters, including the Twitter user name and password in the clear, making the authentication process vulnerable to eavesdropping attacks.
The latest information claims that there is a fix: HTC replies back informing “…that for the time being the update hasn’t yet been released on the website however, any customer who wishes to download it can contact us and we will send it out to them”.

Originally posted by Noonski
Maybe of interest

HTC Peep vulnerability.

Continue reading.

Thanks to our friend and XDA member pof for the tip


_________
Want something on the XDA Portal? Send us a tip!

orb3000

orb3000 is an editor on XDA-Developers, the largest community for Android users. @orb3000 News Writer & Forum Moderator @xda-developers. Windows Phone/Android enthusiast, like HTC and flashing! 100% cert. free of i-products Xalapa, México View orb3000's posts and articles here.
Mario Tomás Serrafero · Jul 6, 2015 at 12:49 pm · 8 comments

Which OEM Would You Like to Help?

Most manufacturers have moments of greatness and moments of decadence, and in the past few years we've some of our favorite companies' tables turned. Some are stagnating, some are struggling, some lack direction. Despite this, we often hold them dear to our hearts. Many of them could use a hand, be it with design, marketing, or other tasks. If you could help out an OEM and take it back to its golden days, which one would it be?

DISCUSS
Aamir Siddiqui · Jul 6, 2015 at 11:03 am · 3 comments

Root T-Mobile S6/Edge on 5.1.1 Without Tripping Knox

If you purchase phones from a carrier, you may be no stranger to the difficulties involved in rooting and installing a custom rom, recovery and kernel on such a carrier locked device. Add to this the extra layer of security that Samsung adds in the form of the Knox counter on its devices, and one can only imagine the roadblocks for enthusiasts who want to play around with their device without losing warranty in the process. It's a slippery slope...

XDA NEWS
Jimmy McGee · Jul 6, 2015 at 06:00 am · 5 comments

IonVR Coming Soon, HTC M9 Dev Edition Gets Android 5.1 – XDA TV

The HTC M9 Developer Edition has received Android 5.1. That and much more news is covered by Jordan when he reviews all the important stories from this week. Included in this week's news is the announcement of IonVR and be sure to check out the article talking about the OnePlus Cardboard price (Hint, it's free). That's not all that's covered in today's video! Jordan talks about the other videos released this week on XDA TV. XDA TV Producer TK released an...

XDA NEWS
Share This