Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Hitman III: PC graphics perf benchmark review
TeamGroup CX2 1TB SATA3 SSD review
EVGA GeForce RTX 3070 FTW3 Ultra review
Corsair 5000D PC Chassis Review
NZXT Kraken X63 RGB Review
ASUS Radeon RX 6900 XT STRIX OC LC Review
TerraMaster F5-221 NAS Review
MSI Radeon RX 6800 XT Gaming X TRIO Review
Sapphire Radeon RX 6800 NITRO+ review
Corsair HS70 Bluetooth Headset Review

New Downloads
CrystalDiskInfo 8.10.0 Download
SiSoft Sandra 20/20 download v30.92
AMD Radeon Adrenalin Edition 21.1.1 driver download
CPU-Z download v1.95
Intel HD graphics Driver Download Version: DCH 27.20.100.9168
HWiNFO Download v6.41 (4355 Beta)
GeForce 461.33 hotfix driver download
Prime95 download version 30.4 build 7
AIDA64 Download Version 6.32.5620 beta
3DMark Download v2.16.7117 + Time Spy


New Forum Topics
RTSS 6.7.0 beta 1 Sapphire RMA Experiences?? 2TB version Samsung 980 Pro with 136 Layer (V-NAND v6) surfaces in webshops MSI Afterburner 4.6.3 Beta 4 is it real ? Weird 5700 XT problem 3080 Owner's thread! Gabe Newell talks about Cyberpunk 2077 and sympathizes with CD Projekt GeForce Hotfix Driver Version 461.33 Trying to flash another bios for my MSI 6800XT card B460M To Z490 or Z590? Is it worth it?




Guru3D.com » News » Security hole uncovered in HTC Android phones

Security hole uncovered in HTC Android phones

by Hilbert Hagedoorn on: 10/04/2011 09:42 AM | source: | 0 comment(s)

Android Police has done some digging into a suite of logging tools, dubbed HtcLoggers, that were loaded onto a range of HTC phones in a recent update. While the exact purpose of the tools is not known, they collect a bevy of information including, but not limited to, location, user accounts, phone numbers, system logs and some SMS data.

Here's the kicker - it is apparently possible for any app that uses Android's INTERNET permission to access - and therefore copy off the device - any of that information. Given that most apps that access the web or display ads request the INTERNET permission, the consequences of this find are, as Artem Russakovskii of Android Police puts it, massive. Reportedly only phones with the stock Sense firmware are affected. Using a proof of concept app, the EVO 4G, EVO 3D, Thunderbolt, EVO Shift 4G, MyTouch 4G Slide and some Sensation models have been found vulnerable to data theft via the HtcLoggers app.

Put simply, any app with the INTERNET permission running on the aforementioned phones can access at least:

ACCESS_COARSE_LOCATION Allows an application to access coarse (e.g., Cell-ID, WiFi) location
ACCESS_FINE_LOCATION Allows an application to access fine (e.g., GPS) location
ACCESS_LOCATION_EXTRA_COMMANDS Allows an application to access extra location provider commands
ACCESS_WIFI_STATE Allows applications to access information about Wi-Fi networks
BATTERY_STATS Allows an application to collect battery statistics
DUMP Allows an application to retrieve state dump information from system services.
GET_ACCOUNTS Allows access to the list of accounts in the Accounts Service
GET_PACKAGE_SIZE Allows an application to find out the space used by any package.
GET_TASKS Allows an application to get information about the currently or recently running tasks: a thumbnail representation of the tasks, what activities are running in it, etc. READ_LOGS Allows an application to read the low-level system log files.
READ_SYNC_SETTINGS Allows applications to read the sync settings
READ_SYNC_STATS Allows applications to read the sync stats







« Forza Motorsport 4 - Endangered Species · Security hole uncovered in HTC Android phones · Arctic Accelero Twin Turbo 6990 launched »

Related Stories

Compro IP70 security camera review - 09/19/2011 09:34 AM
Security is a hot topic on many levels these days. We want eyes and ears everywhere. So whether you need your building secured, your office monitored for theft or need some camera protecting at home w...

Intel McAfee DeepSAFE hardware-assisted security - 09/15/2011 09:09 AM
Intel intro's

Adobe warns of new Flash Player security threat - 06/20/2011 09:08 AM
Over on Adobe

Microsoft discovers two security flaws in Chrome - 04/22/2011 08:47 AM
It's of course very typical from Microsoft to "point out" security flaws from Google's Chrome, anything to trash the competition right ? None the less, these are flaws that need some TLC fro...

SiteCom adds Cloud Computing Security as option to consumer routers - 03/19/2011 05:52 AM
Dutch based network specialist SiteCom, selling predominantly in Europe, is launching a new range of routers. The routers will be tagged under the X-series 2.0 and get 6 models labeled X1 to X6 (being...



Guru3D.com © 2021