Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Android Privacy Security Your Rights Online

Security Vulnerabilities On HTC Android Devices 97

Posted by timothy
from the bit-of-an-oopsie dept.
revjtanton writes "In recent updates to some of its devices, HTC introduced a suite of logging tools that collected information. Lots of information. LOTS. Whatever the reason was, whether for better understanding problems on users' devices, easier remote analysis, or corporate evilness — it doesn't matter." That's because "any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads)" on one of these phones can now grab all sorts of interesting bits from the logged data.
This discussion has been archived. No new comments can be posted.

Security Vulnerabilities On HTC Android Devices

Comments Filter:
  • by SuperKendall (25149) on Sunday October 02, 2011 @10:30PM (#37586832)

    Every time you install an app, a list of permissions to be granted is present to the user for their permission. Now, it may be the case that most users just blindly hit "accept," but that's not an OS issue.

    Yes it is. By having a security model that makes it more likely users will accept, that OS has introduced a security flaw.

    A better approach is to grant permission at first time of access to a resource, so that you can make a judgement in context of what the app is asking for. Possibly some permissions should be asked for up front anyway, but not all... And by breaking them apart users would think more about granting them.

You know you've landed gear-up when it takes full power to taxi.