Jump to content



Sign up for a free account to remove the pop-up ads

Signing up for an account is fast and free. As a member you can join in the conversation, enter contests and remove the pop-up ads that guests get. Click here to create your free account.

Photo

Major vulnerability with all HTC phones


This topic has been archived. This means that you cannot reply to this topic.
5 replies to this topic

#1 of 6 OFFLINE   Sam Posten

Sam Posten

    Executive Producer



  • 17,098 posts
  • Join Date: Oct 30 1997
  • Real Name:Sam Posten
  • LocationAberdeen, MD & Navesink, NJ

Posted October 03 2011 - 12:10 AM

Just one more example of how much better Android is because it's open ;) http://www.androidpo...sses-much-more/

I lost my signature and all I got was this Nutter t-shirt


#2 of 6 OFFLINE   mattCR

mattCR

    Executive Producer



  • 10,063 posts
  • Join Date: Oct 05 2005
  • Real Name:Matt
  • LocationOverland Park, KS

Posted October 03 2011 - 03:03 AM

The more I play with Mango the more I love it. I carry an iPhone for work now, but I admit, I ended up dropping BB and going WP7.5 for my home phone. It's stable, it's slick, and it works. Their are noticeable, significant differences between iPhone/WP7.5. But the one thing I can say for both is that they are smooth, easy to understand, function exactly as I expect and intuitive. Every experience I have had with Android has let me think it's a complete wild-wild-west mess of whatever goes goes. I have yet to see anything that I thought were truly intuitive, original, easy to easy and did exactly what I wanted.
trakt.tv

Ask Me about HTPC! (Threads in HTPC / PMs always responded to)

This signature is povided by MediaBrowser 3 Trakt Plugin: Media Browser 3


#3 of 6 OFFLINE   Hanson

Hanson

    Producer



  • 4,461 posts
  • Join Date: Nov 01 1998
  • Real Name:Hanson

Posted October 03 2011 - 04:38 AM

Wait -- these things never happen in closed systems?


http://gizmodo.com/5...-to-your-iphone


In both instances, there is no documented case of anything actually breaching.  Yes, it's a hole that needs to be addressed.  But proof of concept and in the wild are two different matters.



#4 of 6 OFFLINE   mattCR

mattCR

    Executive Producer



  • 10,063 posts
  • Join Date: Oct 05 2005
  • Real Name:Matt
  • LocationOverland Park, KS

Posted October 03 2011 - 06:19 AM

*shrug* I look at it this way, though.. it's not whether or not they happen or not, I'm not even concerned that it happened with HTC or Google. It can happen with iPhone/WP7 or whatever. I'm just saying, I've yet to play with an Android where I felt as though "The Juice is Worth the Squeeze". The major functions are PITA, and their inability to be consistent is annoying as all get out. The more marketshare you have, the more you are going to get people who try to hack you; that has always been true.
trakt.tv

Ask Me about HTPC! (Threads in HTPC / PMs always responded to)

This signature is povided by MediaBrowser 3 Trakt Plugin: Media Browser 3


#5 of 6 OFFLINE   Ted Todorov

Ted Todorov

    Screenwriter



  • 2,899 posts
  • Join Date: Aug 17 2000

Posted October 04 2011 - 01:57 AM

Quote:

Originally Posted by Sam Posten 

Just one more example of how much better Android is because it's open Posted Image
http://www.androidpo...sses-much-more/
Android stopped being even "open", not to mention open a while ago -- Google seems to have dropped all pretense of releasing Android 3 or later source code.  And with Amazon using Google's prior "openness" against them I doubt very much anything will change.


So lets call the problem by its true name -- the non-integrated business model, which offers up more possible points of failure.  HTC is one of them.



Hold on tightly, let go lightly.

 


#6 of 6 OFFLINE   Hanson

Hanson

    Producer



  • 4,461 posts
  • Join Date: Nov 01 1998
  • Real Name:Hanson

Posted October 07 2011 - 04:15 AM

As I understand it, the information that can be taken is nothing unusual provided the app had certain rights.  The security flaw is that HTC only put Internet Access rights on this data, which means that in theory, an app that looks like it can only access the internet could be programmed to access more sensitive data through this hole.  However, it's far easier to have a program slip in the rights necessary to access this data directly from the phone and not have to exploit an HTC specific vulnerability that affects a small number of actual phones.


Tempest in a teapot?  Pretty much.  The bigger problem is that most people don't read the security stuff when they install programs.