HTC is questioning claims that a safety smirch in a few of its mobile phones means personal data is being exposed.
The Android Police blog says a record containing a user's GPS place and email addresses may be simply accessed once internet permissions are granted.
Several models are mentioned to be affected, inclusive EVO 3D, EVO 4G, Thunderbolt and potentially the Sensation range.
HTC mentioned it is seeking in to the claims "as rapidly as possible".
"HTC takes the customers' safety really seriously, and you are working to scrutinize this affirm as rapidly as possible," the firm mentioned in a statement.
"We will give an refurbish as shortly as we're able to establish the correctness of the affirm and what steps, if any, must be taken."
Systems director Trevor Eckhart constructed a explanation of process app written to uncover off the disadvantage .
By simply asking a user's consent to access the internet - a solicit renouned with games apps seeking to post scores online - the app was able to access a record declared "HtcLoggers.apk".
The record contained a few key pieces of personal information, including:
The list of user accounts, inclusive email addresses
A log of new GPS locations
Phone figures taken from new call logs
SMS data, inclusive new figures and encoded messages
The Android Police blog described the chance as "like leaving your keys beneath the pad and awaiting nobody who finds them to clear the door".
Rik Ferguson, director of safety research and communications at Trend Micro, believes the chance should be an easy one to solve.
"It sounds similar to something really elementary to patch," he told the BBC.
"They didn't expect that type of data would be of interest. It's a insufficient of foreknowledge rsther than than messy programming, I think. It should be something comparatively easy to fix."
No comments:
Post a Comment