The folks at Android Police seem to have stumbled across a rather jarring security vulnerability in HTC handsets running Android, giving common apps with internet access a peek at the device's vital statistics, user information and more. Demonstrated in the above video, developer Trevor Eckheart found that a recent HTC update packed in a suite of logging tools that collects data on user accounts (including email addresses), recent GPS locations, SMS data and encoded text, phone numbers, system logs, running processes and more - all of which can be accessed by common apps requesting access toandroid.permission.INTERNET.
Engadget, HTC security vulnerability said to leak phone numbers, GPS data, and more, HTC responds (video)
No comments:
Post a Comment