1. Download our Official Android App: Forums for Android!

General huge security vulnerability, still going to buy?

Discussion in 'Android Devices' started by redraider1, Oct 2, 2011.

  1. redraider1

    Thread Starter
    Rank:
    None
    Points:
    143
    Posts:
    1,532
    Joined:
    Mar 15, 2011

    Mar 15, 2011
    1,532
    195
    143

    Advertisement

  2. trophynuts

    trophynuts Android Expert
    Rank:
    None
    Points:
    313
    Posts:
    5,630
    Joined:
    Jul 6, 2010

    Jul 6, 2010
    5,630
    1,792
    313
    I work in a Tech related field. Have been in a tec
    SouthEastern US
    doesn't bother me. my info is probably already out in the wild anyways.
     
  3. redraider1

    Thread Starter
    Rank:
    None
    Points:
    143
    Posts:
    1,532
    Joined:
    Mar 15, 2011

    Mar 15, 2011
    1,532
    195
    143
    Yeah but not everything that this leaks like your messages and what not. I just am surprised it has only come up now and will be interesting to see what htc does and how long it takes them to fix this.
     
  4. ASC

    ASC I'm Shy
    Rank:
    None
    Points:
    88
    Posts:
    458
    Joined:
    Mar 27, 2010

    Mar 27, 2010
    458
    316
    88
    Male
    Construction Management
    Phoenix, AZ
    Root and remove /system/app/HtcLoggers.apk Problem solved?
     
    Crashumbc likes this.
  5. redraider1

    Thread Starter
    Rank:
    None
    Points:
    143
    Posts:
    1,532
    Joined:
    Mar 15, 2011

    Mar 15, 2011
    1,532
    195
    143
    That is the thing though you shouldn't have to root the phone to prevent this security risk. I mean yes you can root but not everyone wants to root their phone.
     
  6. ASC

    ASC I'm Shy
    Rank:
    None
    Points:
    88
    Posts:
    458
    Joined:
    Mar 27, 2010

    Mar 27, 2010
    458
    316
    88
    Male
    Construction Management
    Phoenix, AZ
    Agreed. But until HTC Get's their heads out of their butt's, there is a "fix" for users who do want to go that route.
     
  7. Telexen

    Telexen Well-Known Member
    Rank:
    None
    Points:
    38
    Posts:
    234
    Joined:
    Nov 1, 2009

    Nov 1, 2009
    234
    13
    38
    This really isn't a gigantic deal everyone's making it out to be. If you're the kind of person who doesn't pay attention to permissions of that apps you're installing you've already opened yourself up to the risk. If you are - you're probably the kind of person who roots your phone anyway and can fix it.
     
  8. jikhead

    jikhead Android Expert
    Rank:
     #195
    Points:
    123
    Posts:
    781
    Joined:
    Apr 8, 2010

    Apr 8, 2010
    781
    180
    123
    I'm not doing anything that I should be worried about getting stolen (data) or whatnot.

    I'm pretty sure nearly ALL phones are doing something similar. It's big business and $$ when it comes to collecting information on users...look at the iPhone thing that was found to track people's movement. Every business wants to know how to better market their products to you better in order to sell you something.
     
  9. BabyBlues

    BabyBlues Trouble Just Finds Me!
    Rank:
    None
    Points:
    1,333
    Posts:
    13,125
    Joined:
    Jun 3, 2010

    Jun 3, 2010
    13,125
    9,766
    1,333
    Female
    Masquerading as a responsible adult
    Jersey - born & bred
    Exactly. There was something similar found in one of the other phone brands recently as well (not apple). You get the warnings that apps are asking for permissions and while most of the time it's harmless, there is always that chance that it's not.
     
  10. Puppa

    Puppa Android Enthusiast
    Rank:
    None
    Points:
    73
    Posts:
    320
    Joined:
    Apr 25, 2010

    Apr 25, 2010
    320
    93
    73
    Linux kernel development, Android & Chrome
    Raleigh, NC
    This security flaw doesn't even exist for non-root users. Just tried it on my thunderbolt...app CANNOT connect to the logger (permission denied).

    For root users, you're running at your own risk. Running all phone software with open root permission exposes you to all kinds of crap. If you're worried about this one, simply remove the app. If that's too tough for you, don't root.

    The site that posted this "news" is completely irresponsible, pajama-boy garbage. Listing the "Vigor" (even with a weasel-like question mark, which nobody pays attention to), when "confirmed" models don't even have the vulnerability.
     
  11. rrhartjr

    rrhartjr Well-Known Member
    Rank:
    None
    Points:
    43
    Posts:
    144
    Joined:
    Apr 21, 2011

    Apr 21, 2011
    144
    45
    43
    Reading through the comments on androidpolice show at least half of the users trying the proof of concept fail to replicate the problem. Very few who actually try it are confirming the issue.
     
    compchick813 likes this.
  12. NightAngel79

    NightAngel79 Bounty Hunter Administrator
    Moderator
    Rank:
     #16
    Points:
    1,453
    Posts:
    22,510
    Joined:
    May 11, 2010

    May 11, 2010
    22,510
    7,946
    1,453
    Male
    Systems Administrator
    Northern Ky
    Yea, i aint buying this as a credible threat....
     
    lawnboy likes this.
  13. hovercraftdriver

    Rank:
    None
    Points:
    6
    Posts:
    7
    Joined:
    Apr 7, 2010

    Apr 7, 2010
    7
    1
    6
  14. jamor

    jamor Android Expert
    Rank:
    None
    Points:
    213
    Posts:
    3,688
    Joined:
    Apr 13, 2010

    Apr 13, 2010
    3,688
    761
    213
    Planet Earth
    Damn this is bad news
     
  15. blackepoxy

    blackepoxy Android Expert
    Rank:
    None
    Points:
    173
    Posts:
    1,086
    Joined:
    Jan 14, 2011

    Jan 14, 2011
    1,086
    247
    173
    Male
    Oyster shucker blacks oyster bar
    Dirty South, Louisiana
    Is hTC Droid incredible 2 on the list?
    I just looked where it said the logger file was stored with es on my non rooted dinc2 running 2.3.4, I couldn't find it.
    I guess it said all Android phones running hTC sense...
     
  16. blkbeltkid17

    blkbeltkid17 Android Expert
    Rank:
     #83
    Points:
    333
    Posts:
    4,384
    Joined:
    Nov 16, 2010

    Nov 16, 2010
    4,384
    692
    333
    Male
    Student
    Virginia, United States Of America
    I know i am still gonna buy HTC phones no matter what i have seen the hell my parrents have gone trough with samsung and moto phones
    and i am running a inc2 rooted couldnt find the .apk in my rooted rom and stock backup
     
  17. jbh00jh

    jbh00jh Android Enthusiast
    Rank:
    None
    Points:
    43
    Posts:
    392
    Joined:
    Apr 30, 2010

    Apr 30, 2010
    392
    45
    43
    SC
  18. hovercraftdriver25

    hovercraftdriver25 Android Enthusiast
    Rank:
    None
    Points:
    53
    Posts:
    252
    Joined:
    Apr 8, 2010

    Apr 8, 2010
    252
    76
    53
    Some folks aren't that tech savvy...regardless, why should the consumer have to worry about it in the first place?

    BTW, where's that Vigor announcement that was supposed to happen yesterday that you posted about on XDA?
     
  19. BabyBlues

    BabyBlues Trouble Just Finds Me!
    Rank:
    None
    Points:
    1,333
    Posts:
    13,125
    Joined:
    Jun 3, 2010

    Jun 3, 2010
    13,125
    9,766
    1,333
    Female
    Masquerading as a responsible adult
    Jersey - born & bred
    I saw stuff that there is an announcement today. Not sure when but I'm keeping my fingers crossed
     
    hovercraftdriver25 likes this.
  20. hovercraftdriver25

    hovercraftdriver25 Android Enthusiast
    Rank:
    None
    Points:
    53
    Posts:
    252
    Joined:
    Apr 8, 2010

    Apr 8, 2010
    252
    76
    53
    US or UK? UK is having an event, supposedly Beats related and probably formal announcement of Sensation XE/XL or whatever it is called.
     
  21. BabyBlues

    BabyBlues Trouble Just Finds Me!
    Rank:
    None
    Points:
    1,333
    Posts:
    13,125
    Joined:
    Jun 3, 2010

    Jun 3, 2010
    13,125
    9,766
    1,333
    Female
    Masquerading as a responsible adult
    Jersey - born & bred
    Damn, looks like the UK. Sad face for me.
     
  22. jbh00jh

    jbh00jh Android Enthusiast
    Rank:
    None
    Points:
    43
    Posts:
    392
    Joined:
    Apr 30, 2010

    Apr 30, 2010
    392
    45
    43
    SC
    All you have to do is go into settings/applications with System App Remover and uninstall the two apks. If they are tech savvy enough to root a phone they can do that.
     
  23. blkbeltkid17

    blkbeltkid17 Android Expert
    Rank:
     #83
    Points:
    333
    Posts:
    4,384
    Joined:
    Nov 16, 2010

    Nov 16, 2010
    4,384
    692
    333
    Male
    Student
    Virginia, United States Of America
    I wanna see the announcement for this now
     
Tags:

Share This Page

Loading...