HTC security vulnerability leaks dataOctober 3, 2011
By Nigel Chew
03 October 2011 – Keen eyes over at Android Police have stumbled upon a rather worrying security vulnerability in HTC smartphones running Android, allowing common apps with internet access a peek at the device’s vital statistics, user information and whole lot more. Developer Trevor Eckhart discovered that a recent HTC update packed in a suite of logging tools that collects data on user accounts (including email addresses), recent GPS locations, SMS data and encoded text, system logs, running processes and more -- all of which can be accessed by common apps requesting access to android.permission.INTERNET.
HTC has already begun looking into issue, stating that its customers’ security is an utmost priority and are working to investigate the matter as quickly as it can. “We will provide an update as soon as we're able to determine the accuracy of the claim and what steps, if any, need to be taken."
Source: Android Police