HTC vulnerability fails to secure user data
A serious vulnerability has been unearthed in several HTC smartphone models that allows almost any app to read sensitive data stored on the handsets.
The security issue was spotted by Android developer Trevor Eckhart and is the result of HTC failing to properly secure information collected by a recently introduced logging application.
This recent phone update, which collects data, exposes a lot of sensitive information like user accounts, email addresses, GPS history, phone numbers listed in the phone log and SMS data.
According to Eckhart, any app with internet permission (aka, Most of the apps on the market) is able to read this data.
HTC EVO 4G, EVO 3D, Thunderbolt, Shift 4G and Mytouch 4G Slide devices have been confirmed as vulnerable. Elsewhere, it is suspected that some models from the HTC Sensation line are suspected to be affected.
The company say: "HTC takes our customers' security very seriously, and we are working to investigate this claim as quickly as possible."
"We will provide an update as soon as we're able to determine the accuracy of the claim and what steps, if any, need to be taken"