HTC Android handsets spew private data to ANY app

A data logger pushed out by HTC to Android handsets has opened up a vulnerability allowing any app with internet permissions to access private customer information. The vulnerability was spotted by Trevor Eckhart, who informed HTC about it and waited five days for a response. Following that he decided to go public and gave …

COMMENTS

This topic is closed for new posts.

  1. Anonymous Coward
    Stop

    Missing word in the headline?

    Surely the story should start with the word "Some"? I have a HTC Desire and this service isn't installed on it. Also, those who have rooted and installed a custom ROM will most likely not have it either.

    1. diodesign Silver badge
      Go

      Neither does the headline say the word 'all' :P

    2. PatientOne

      "Several models are said to be affected, including EVO 3D, EVO 4G, Thunderbolt and potentially the Sensation range."

      from: http://www.bbc.co.uk/news/technology-15149588

      No mention of the Desire, so hopefully it's safe.

      1. Anonymous Coward
        Anonymous Coward

        htc mozart?

        Oh is the htc mozart affected? Nah it's a Windows phone so unaffected!!

    3. Chris 3

      Londoners killed in freak bus accident

      Presumably you reckon that's about 7 million dead?

  2. Piro Silver badge
    Pint

    Sense 3

    I believe this came packaged with Sense 3 ROMs.

    Of course, if you're sensible, you're running a custom ROM, and if your particular custom ROM still includes it, who cares? Just go right into Titanium Backup and uninstall the bastard!

    Job done.

    1. Giles Jones Gold badge

      Except that this is a phone and a huge percentage of users wouldn't even know what a ROM was if you explained it to them.

      The fact that there's so many clueless end users who are now vulnerable just shows how Android phones are still largely suited to the IT savvy (aka geeks).

      1. Chewy

        Android

        Except that this isn't an Android bug but a flaw in HTC Sense

        1. cloudgazer

          'Except that this isn't an Android bug but a flaw in HTC Sense'

          That's true, but it's hard for the average consumer to see the difference. To them, it's no different to buying a Windows PC, they assume any bugs are from MS.

    2. Daleos

      Except the primary reason many people buy HTC is because of HTC Sense, not in spite of it. I too have gone down the custom route in the past but truth be told, I like the extra HTC toys.

      My old Hero is running CM7 but I wouldn't put it on my Sensation.

      Let me know when there's a custom ROM that includes Sense 3.0 for the Sensation then I may change my mind. Until then, I'll stick with a rooted standard Sense 3.0.

      No, I'm not particularly worried about the latest news. Yes, it's a serious booboo by HTC and I'll have to wait for them to fix things before I download any more apps but as I've got everything I need right now, that's not a big problem.

      1. Piro Silver badge
        Pint

        Huh?

        I am using a custom ROM with Sense 3 on my Desire HD, let alone the Sensation.

        I use Android Revolution HD for my Desire HD, and here's the same thing for the Sensation:

        http://forum.xda-developers.com/showthread.php?t=1098849

  3. Steve Evans

    That's enough for me...

    Cyanogen here I come!

    1. Steve Evans

      Ah, the random down vote... Are you an HTC employee, the author of an alternative firmware or someone that doesn't think a service pushed out in manufacturer's firmware which allows all your contacts to be grabbed is an issue?

      Or just a twat?

      1. Shonko Kid
        Trollface

        perhaps because you should have said "Right, that's it. I'm going to buy an iPhone, they would never snoop on me..."

        1. Steve Evans
          Big Brother

          Ah yes, of course... Silly me ;-)

  4. Robert E A Harvey

    He asks mischievously

    I wonder if this would have been as easy to spot on any other phone OS?

    1. Robert Synnott

      RE: He asks mischievously

      Er, yes. This is a closed-source HTC service. It was almost certainly discovered through running netstat on a rooted device and looking for open server ports. In no way would it be any harder to find on any other Android OEM's devices or on iOS. It _might_ be harder on Blackberry and WP7 simply because netstat and equivalent tools aren't as readily available.

      1. Anonymous Coward
        Anonymous Coward

        (@Robert: Shh don't say that, that's too much facts, not what the HTC fans want to hear.)

        Yes HTC fans, you have the best platform. Those reject mongers at Samsung might have trademarked the phrase "The openness of Android" but HTC is the real open one. Yay.

        1. ChrisC Silver badge
          Stop

          It's bad enough we have Android vs iOS vs othermobilesystem wars, let's not degenerate even further into Android OEM A vs Android OEM B conflicts too. Especially not over a misinterpretation of the OP's post - Robert (Harvey) asked whether this would have been as easy to detect on another OS, *not* on another Android device made by someone other than HTC...

  5. P Zero
    Meh

    I don't believe my Desire is affected anyway, but I'm glad that I installed CyanogenMod after HTC refused to give up the 2.3 goods for their paltry memory offerings. I love the hardware, but I'll certainly consider a Windows Phone or another branded Android when my contract's up mid next year.

    1. PaulR79

      Fail on your part

      HTC initially gave up the Gingerbread / 2.3 release on the Desire but a rather large outcry saw them cave and suddenly decide they could release it after chopping out some crap. It's available now if you have an unbranded phone and depending on your network it may be able even if it's branded.

      As for affected or not as someone else mentioned this seems to be a Sense 3 release and the Desire is still on an earlier version (2.1 I think).

      1. P Zero
        Boffin

        To quote http://www.telstra.com.au/mobile/phones/smartphones.html (under Software Updates tab just down the page)

        HTC Desire Android 'Gingerbread' update HTC will no longer proceed with a mass-market Gingerbread update for Desire due to the memory requirements of Android 2.3

        I've just educated myself on the backflip HTC made that Ausdroid reported on June 24th and rather than spare myself the indeterminable date for such an update being made widely available through Telstra, I'd have gone custom firmware anyway. I'm happier with more control of my phone regardless.

        1. Craigness

          You confirmed as far as "initially gave up", then you gave up.

  6. Skrrp
    Thumb Up

    Not on mine

    Nexus One with Cyanogen installed, no sign of this .apk file on my phone.

  7. auburnman

    I have an HTC Desire, so I should probably be concerned about this. What worries me more is that after reading the article my first reaction was: *Justin Case*? Are you serious?

    1. Anonymous Coward
      Anonymous Coward

      The Desire doesn't seem to be affected

      At least mine (running Android 2.3 from the HTC developer update) isn't.

  8. Eponymous Cowherd
    Happy

    Not on UK Vodafone Sensation

    Full file path is:

    /system/app/HtcLoggers.apk

  9. Anonymous Coward
    Anonymous Coward

    Soooo...

    No one jumping to iPhones then?

    1. Jedit Silver badge
      FAIL

      No

      Because this being the highly-customisable and generally open Android platform, all you have to do is delete or block the offending app. If and when Apple think this is a good idea [1], you can be assured that they will put it somewhere that users cannot touch and you will be stuck with it unless you jailbreak.

      [1] And patent it, and sue HTC for using it.

      1. Giles Jones Gold badge

        The difference is Apple won't let developers do such stupid things in the first place. Once jailbroken it's a different story of course.

        You can call it control freakery if you want, I call it a well founded lack of trust in 3rd party software developers.

        1. Anonymous Coward
          Anonymous Coward

          Maybe Apple wouldn't let developers

          But what's to stop Apple doing it themselves? The HTC issue is caused by HTC themselves so I fail to see what 3rd party developers have to do with it but you fruity fans know that Apple are so cuddly wuddly and they are your friends and would never dream of being so underhanded to their loyal fans...

          Oh wait........

        2. Jedit Silver badge
          FAIL

          "Apple won't let developers do it"

          Had you managed to tear your eyes away from the radiant glory of your iProducts for just long enough to read the article, you would have noticed that the logger was installed by the manufacturer - presumably as part of a firmware rollout. And, had the sight of a sentence not worshipping the Almighty Apple not struck you witless with shock at such a heinous blasphemy, you would also have realised that I was talking about Apple incorporating a similar logger into iOS. At no point did I ever mention a third party developer.

          I will, however, gladly accept your invitation to call Apple a bunch of control freaks.

      2. Robert Synnott

        You have to root to stop this app, though...

      3. Franklin

        A title is required. Flames are optional.

        "Because this being the highly-customisable and generally open Android platform, all you have to do is delete or block the offending app. If and when Apple think this is a good idea [1], you can be assured that they will put it somewhere that users cannot touch and you will be stuck with it unless you jailbreak."

        I switched a while back from an iPhone to an HTC Sensation, and I've found that the Sensation is actually much more tightly locked-down than the iPhone was. When I first switched to the Sensation, no jailbreak was available for it at all. A jailbreak is now available, but it doesn't work on the latest software update.

        HTC finally released a (cumbersome) way to legitimately root the Sensation, but (surprise surprise!) only for Sensations on certain carriers. Excluding, naturally, mine.

        So the cell phone flame wars about "Android is open, iOS is closed" are, at least in my experience, a load of half-baked, misinformed nonsense. In the Android ecosystems, some phones are definitely much more open than others. (I'm still waiting for someone to break my particular Sensation.)

        Mind you, I'm not playing Apple fanboi here. I quite like my Sensation, and I have no plans to go back to an iPhone. In a number of quantifiable ways, the hardware is superior to the iPhone's. The operating system is a mixed bag; there are some bits of Android I find quite a lot better than iOS, and some bits that still really annoy me. This isn't actually about "Android is better!" or "iOS is better!"--it's about the mistaken assumption that because it's Android, that must mean it's open.

        1. Craigness

          Franklin, Android openness is about being able to do what you want without getting permission from the manufacturer. Put any file or app on it, don't use iTunes if you don't want to, etc.

          1. Franklin

            A title is still required

            "Franklin, Android openness is about being able to do what you want without getting permission from the manufacturer."

            What I would really like to do with my Sensation is remove the crudware apps that HTC spooned onto it--Peep, the most miserable Twitter client I've ever seen; Slacker, which I gather is an Internet radio service or something; TeleNav, their competitor to Google's GPS nav software.

            I can't.

            Clearly, from HTC's perspective, Android is *not* about being able to do what I want without permission. Those applications can not be removed from an HTC phone without rooting it, and as I've mentioned above, that doesn't appear possible at the present with my phone.

            1. Craigness

              Bricks

              At least if you do root it, they won't brick it.

    2. crashtest
      FAIL

      so I guess you haven't heard about the apple fiasco a few months ago, about the iphone storing its location every while, for any app to see.

      1. Anonymous Coward
        Anonymous Coward

        @crashtest

        You're misinformed:

        1) Official iOS apps could not read the location cache file

        2) The file didn't contain this level of detail, only had the location of nearby phone towers (not the user's)

        3) Android had a similar file

        So nothing to do with this fiasco.

        1. Craigness

          +++ath0 you're misinformed. Android did not have a similar file. It was server-side and optional.

        2. Volker Hett
          Happy

          but Apple is baaaad :)

          Apple not updating two year old phones - scandal

          HTC not updating one year old phones - sensible

          At least as far as I'm concerned with my memory handicapped Desire :)

      2. cloudgazer

        'so I guess you haven't heard about the apple fiasco a few months ago, about the iphone storing its location every while, for any app to see.'

        It wasn't for any app to see, you don't have filesystem access with an iOS app, except to files created by your app or through certain API calls, some media files such as music. In order to breach privacy somebody would either need to hack and root your phone or a law enforcement type would need physical access to the handset.

        Sorry, but this is an order of magnitude worse than Apple's location storing - which at least had a sensible purpose behind it. Remember, Google does exactly the same kind of location DB build up, but it does it all server side - which is in some ways better and in some ways much worse.

  10. Anonymous Coward
    Anonymous Coward

    The real question is why are they logging this info

    Has HTC turned into Huawei?

  11. CJatCTi
    WTF?

    The VNC Server was active on Wildfire S yesterday

    I asked my girlfriend why she called me & said nothing. She went to her phone & it was doing things all by itself, she called me to it. At that time the alarms were being renamed, Bluetooth had been remotely turned on as had act as Wi-Fi access point. When I unplugged it from the charger it stopped.

  12. Wang N Staines
    Happy

    Still true

    Anything iOS can do, Android can do better.

    1. Anonymous Coward
      Anonymous Coward

      There's no end to some Android owners' insecurity is there? An article that has nothing to do with iOS and you still feel the need to make snide remarks about it. I own devices on both platforms and there's nothing between them. I only prefer iOS because it has the better selection of games and apps.

  13. cloudgazer

    The best part is definitely the help menu. I mean it's bad enough that HTC put a back door on their OS so that they can spy on you, but then to add a help menu to facilitate any other bozo spying on you - that's just classic.

  14. mmm mmm

    There's a page on XDA developers that explains exactly what it's for.

    1. Phil Wray
      Mushroom

      yep

      and for the lazy

      http://www.xda-developers.com/android/ever-wondered-what-htcloggers-apk-is-for-here-is-your-answer/

      dialling *#*#482564#*#* gets you the menu

  15. bazza Silver badge

    From HTC:

    All your data are belong to us.
