orb3000 · Feb 4, 2011 at 06:00 pm

HTC Peep Vulnerability Update

XDA Moderator Noonski let us know about an interesting article published today regarding HTC Peep vulnerability. Despite we have known about this since August 2010, there was no published fix for this problem. According to the original article, the default Twitter client in HTC devices, HTC Peep, is vulnerable to two different credentials disclosure vulnerabilities during the authentication process against the Twitter service (twitter.com). The first vulnerability resides in the third HTTP request, a POST request towards the “/oauth/authorize” resource, which contains several parameters, including the Twitter user name and password in the clear, making the authentication process vulnerable to eavesdropping attacks.
The latest information claims that there is a fix: HTC replies back informing “…that for the time being the update hasn’t yet been released on the website however, any customer who wishes to download it can contact us and we will send it out to them”.

Originally posted by Noonski
Maybe of interest

HTC Peep vulnerability.

Continue reading.

Thanks to our friend and XDA member pof for the tip


_________
Want something on the XDA Portal? Send us a tip!

orb3000

orb3000 is an editor on XDA-Developers, the largest community for Android users. @orb3000 News Writer & Forum Moderator @xda-developers. Windows Phone/Android enthusiast, like HTC and flashing! 100% cert. free of i-products Xalapa, México
Mario Tomás Serrafero · Mar 29, 2015 at 12:02 pm · 1 comment

Sunday Debate: Corporate Cyanogen Good for Android?

Join us in a fun Sunday Debate on Cyanogen Inc. Come with your opinions and feel free to read some of our thoughts, then pick your side or play devil’s advocate to get your voice heard and engage in friendly discussion. You can read our food-for-thought or jump straight into the fray below!     CyanogenMod is widely recognized across XDA for its solid performance, great feature set and far-reaching (and also long-lasting) support for all sorts of devices, from...

XDA NEWS
Emil Kako · Mar 28, 2015 at 11:01 pm · 4 comments

Best Alarm App for Android?

There are tons of choices to choose from when looking for a great alarm app for Android. While the stock Clock app for AOSP does the job, it may lack some of the more advanced features from competitors. Let us know what your favorite alarm clock app is for Android and why.

DISCUSS
Chris Gilliam · Mar 28, 2015 at 12:45 pm · 1 comment

Pinsy Brings Social Sketching To Your Watch & Phone

Did you watch Apple's VP draw on his wrist during the Apple Watch announcement and wonder "why can't my Wear watch do that?" In typical XDA fashion, one enterprising forum member has brought similar functionality to Android Wear with a twist; it works on phones and watches alike, with other platforms on the way! The app is called Pinsy, and its release debut is a strong proof of concept with plenty of room to grow. You may remember the developer behind this project, XDA...

XDA NEWS
Share This