HTC Security flaw

News has appeared on AndroidPolice that paints a rather worrying picture about HTC. HTC in an atempt to log information about users of their devices have left a rather large back door for malicious apps to get hold of your information. So far it only seems to be the latest models that are affected, ie Evo 3d and possibly the Sensation range. Any app installed on these phones that has access to the internet can also get hold of the following information, the list of user accounts, including email addresses and sync status for each, the last known network and GPS locations and a limited previous history of locations, the phone numbers from the phone log, SMS data, including phone numbers and encoded text, system logs, which include everything your running apps do and is likely to include email addresses, phone numbers, and other private info. Quite worrying really.

The article goes on to detail the exploit in depth and also mentions that only people on the stock Sense roms are to start panicing. If you are rooted you can remove the logging application quite easily, if not you will need to wait for an official patch from HTC and their track record for updates is unblemished. HTC have yet to officially comment or respond to the recent findings. If you own one of these devices we would be interested to see how you feel about this.

Source – Android Police