egzthunder1 · Oct 4, 2011 at 06:49 am

Official Announcement By HTC Regarding Security Vulnerability

It is quite impressive what the power of a single individual can amount to these days. We have been in touch with HTC regarding this security issue (since the beginning), which we officially announced last Friday. We tried to tell them that something wasn’t right with the whole concept of apps mining for data and sending it to a cloud. Well, after last week’s proof of concept released by XDA Recognized Developer TrevE, HTC decided that it was time to let their engineering teams take action. The outcome? People from both HTC in Taiwan and in North America are scrambling to put out security patches to prevent these exploits from being used. According to HTC, they should be rolling out OTA updates once the patches have made it through their testing QA as well as through the carriers.

We are certainly happy that they finally decided to take this with the degree of severity it actually has. The exploit is rather dangerous as virtually every single bit of information in the device is at risk. As it is customary, HTC has put out an official statement where they are letting people know of what we have talked about so far.

It would just be fair to remind HTC that they should not rest after this one is over and done for various reasons. The first one is because there are other confirmed exploits that we will release soon, which they will have to pay attention to. The other is because they need to up their efforts in the QA department a bit. The key to success in this world is constant innovation, and you guys are doing a good job so far, but as stated, you need to do a bit better.

Our community is willing to work with you as you have already seen for the last few weeks. This is not a matter of simply pointing fingers or kicking the giant when its down, this is something that affects the vast majority of us at XDA and as such we just want to point out things so that you take action. There will be other times for us to bash you (like blogs across the web have done), but this is not one of them. This is a very serious issue and with everyone being on the same page working together to find a solution, everyone will benefit from the outcome.

HTC Public Statement:

HTC takes claims related to the security of our products very seriously. In our ongoing investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers’ data, there is a vulnerability that could potentially be exploited by a malicious third-party application. A third party malware app exploiting this or any other vulnerability would potentially be acting in violation of civil and criminal laws. So far, we have not learned of any customers being affected in this way and would like to prevent it by making sure all customers are aware of this potential vulnerability.

 

HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly.  During this time, as always, we strongly urge customers to use caution when downloading, using, installing and updating applications from untrusted sources.

 

Want something published in the Portal? Contact any News Writer.


_________
Want something on the XDA Portal? Send us a tip!
TAGS:

egzthunder1

egzthunder1 is an editor on XDA-Developers, the largest community for Android users. I have been an active member of xda-developers since 2005 and have gone through various roles in my time here. I am Former Portal Administrator, and currently part of the administrator team while maintaining my writer status for the portal. In real life, I am a Chemical Engineer turned Realtor in the Miami area. View egzthunder1's posts and articles here.
Emil Kako · Apr 19, 2015 at 02:10 pm · 4 comments

Do You Check for App Updates Regularly?

Do you let app updates happen automatically or do you regularly check for them? We're guessing the community will be pretty split here but we're interested in hearing your thoughts. Let us know below!

DISCUSS
Chris Gilliam · Apr 19, 2015 at 12:39 pm · 5 comments

Find The Best Apps With Google’s Picks & Other Tricks

The Google Play Store, weighing in with more than 1.4 million apps at last count, is a vast expanse of quality content and APK duds alike. To put this into context, it would take the average user more than 8 days of continuous scrolling to make it through the whole list at two per second, let alone the added months to click through and check out screenshots, or years to separate the wheat from the chaff via thorough review. Blogs...

XDA NEWS
Mario Tomás Serrafero · Apr 19, 2015 at 10:00 am · 5 comments

Sunday Debate: Better to Buy Older or Newer Hardware?

Join us in a fun Sunday Debate on New vs. Old. Come with your opinions and feel free to read some of our thoughts, then pick your side or play devil’s advocate to get your voice heard and engage in friendly discussion. You can read our food-for-thought or jump straight into the fray below! Smartphone purchases make for some of the sweetest times of the year for many of us. After all, we are hobbyists of Android and a new...

XDA NEWS
Share This