Taiwanese smartphone giant HTC has moved to address recent revelations of a security flaw in the firm's Android smartphones, promising an update to be delivered via an over the air update.
Androidpolice first revealed that HTC's modified Android operating system contained a number of security vulnerabilities seemingly arising out of the firm's introduction of behind-the-scenes logging capability.
Phones such as the Evo, MyTouch and some models of Sensation are known to have the flawed OS which essentially allows any application that is granted the Android permission of 'Internet' to access a wide array of private information.
"I'd like to reiterate that the only reason the data is leaking left and right is because HTC set their snooping environment up this way," wrote Android Police's Artem Russakovskii.
"It's like leaving your keys under the mat and expecting nobody who finds them to unlock the door."
The security researchers said they had reached out to HTC but not received any recognition in a week at which point they went public. After the story broke HTC eventually responded with an official statement promising an 'OTT' patch for affected handsets.
After the customary downplaying of any threat, HTC said:
"HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it."
The key there is that HTC is going to have to push out the update via carrier partners. The same carrier partners that famously delay releases of Android OS updates so one probably shouldn't expect this fix any time soon.
An interim solution is to 'root' the phone and remove the application Htcloggers.apk by hand. Or using an alternative firmware such as Cyanogen Mod.
HTC for their part helpfully suggest not installing applications that aren't from 'trusted' partners.
Advertisement
Related Stories
- Via Technologies release Android PC to rival the Raspberry Pi May 25th 2012 at 10:30AM
- Google's multi-Nexus Android strategy May 16th 2012 at 12:56AM
- Java judge will not rule on Android "fair use" May 11th 2012 at 1:52AM
- iOS update fixes bugs and security flaws May 8th 2012 at 5:45AM
- Jury fails to fully decide in Oracle vs Google May 7th 2012 at 10:28PM
- Jury struggles for verdict in Oracle vs Google May 6th 2012 at 11:56PM
- Microsoft fingers Chinese firm in RDP flaw leak May 4th 2012 at 3:00AM
- Samsung goes large with Galaxy S III May 3rd 2012 at 11:51PM
- Microsoft fixes '0-day' Hotmail flaw Apr 30th 2012 at 12:19AM
- ESET releases Mobile Security for Android smartphones and tablets Apr 27th 2012 at 4:39PM
