Andre Yoskowitz
3 Oct 2011 11:35
According to researcher Trevor Eckhart, a recent update to HTC Android devices has led to the installation of tools that collect personal info without permission.
The update, which adds android.permission.INTERNET, accesses location history, phone numbers, SMS data and a list of user accounts, but potentially leaks more personal data.
Phones like the EVO 3D now expose network info, including IP addresses; full memory info; active notifications in the notification bar, including notification text; list of installed apps, including permissions used, user ids, versions; and more, says PCM.
HTC, in response, says it "takes our customers' security very seriously, and we are working to investigate this claim as quickly as possible. We will provide an update as soon as we're able to determine the accuracy of the claim and what steps, if any, need to be taken."
If you have a rooted device, you can remove the update "HTCloggers" at /system/app/HtcLoggers.apk.