HTC Sense Updates
- Thread starter Sushubh
- Start date
- Replies 18
- Views 2,691
There are some pretty decent models available in the sub-20K range, and if your budget allows, you should take a look at them.Yeah am aware of that. And to stay updated, these days i am either subscribing or directly participating more in Android threads.The moment my exams get over, i will be searching for a job. And hopefully out of the 1st pay or 2nd pay, i wud look to get a decent phone.No jugaads for me!! Its ok till Softwares. No chances with Hardwares!!
Ok, got it.....But thats when i actually am ready to buy.....but thanks for the sitename. I will bookmark it for now!!
---------- Post added at 10:02 AM ---------- Previous post was at 09:59 AM ----------
Thats a cool site.....Google never lead me there!! And it can be helpful for other gizmos too.
---------- Post added at 10:02 AM ---------- Previous post was at 09:59 AM ----------
Thats a cool site.....Google never lead me there!! And it can be helpful for other gizmos too.
Massive Security Vulnerability In HTC Android Devices (EVO 3D, 4G, Thunderbolt, Others) Exposes Phone Numbers, GPS, SMS, Emails Addresses, Much More
----------
In recent updates to some of its devices, HTC introduces a suite of logging tools that collected information. Lots of information. LOTS. Whatever the reason was, whether for better understanding problems on users' devices, easier remote analysis, corporate evilness - it doesn't matter. If you, as a company, plant these information collectors on a device, you better be DAMN sure the information they collect is secured and only available to privileged services or the user, after opting in.
That is not the case. What Trevor found is only the tip of the iceberg - we are all still digging deeper - but currently any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads) can get its hands on:
the list of user accounts, including email addresses and sync status for each
last known network and GPS locations and a limited previous history of locations
phone numbers from the phone log
SMS data, including phone numbers and encoded text (not sure yet if it's possible to decode it, but very likely)
system logs (both kernel/dmesg and app/logcat), which includes everything your running apps do and is likely to include email addresses, phone numbers, and other private info
----------
In recent updates to some of its devices, HTC introduces a suite of logging tools that collected information. Lots of information. LOTS. Whatever the reason was, whether for better understanding problems on users' devices, easier remote analysis, corporate evilness - it doesn't matter. If you, as a company, plant these information collectors on a device, you better be DAMN sure the information they collect is secured and only available to privileged services or the user, after opting in.
That is not the case. What Trevor found is only the tip of the iceberg - we are all still digging deeper - but currently any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads) can get its hands on:
the list of user accounts, including email addresses and sync status for each
last known network and GPS locations and a limited previous history of locations
phone numbers from the phone log
SMS data, including phone numbers and encoded text (not sure yet if it's possible to decode it, but very likely)
system logs (both kernel/dmesg and app/logcat), which includes everything your running apps do and is likely to include email addresses, phone numbers, and other private info
holy CRAP! >.
R
rajm11
and listen to this as wel, People using SII
Link to the Source of HACKING SII lock screen
As you can see in the video above, all one has to do to bypass the lock is wait for the display to timeout on its own and then press the power button. This removes the previous secure lockscreen and replaces it with a standard, non-secure lockscreen.
Depending upon what you store on your device, you may think of this as trivial or a matter of national security. Either way, you'll be glad to know that Samsung and AT&T have acknowledged the issue and working on fixing it.
We received an official statement from Samsung regarding the issue. See it below.
Samsung and AT&T are aware of the user interface issue on the Galaxy S II with AT&T. Currently, when using a security screen lock on the device, the default setting is for a screen timeout. If a user presses the power button on the device after the timeout period it will always require a password. If a user presses the power button on the phone before the timeout period, the device requests a password – but the password is not actually necessary to unlock it. Samsung and AT&T are investigating a permanent solution. In the meantime, owners of the Galaxy S II can remedy the situation by re-setting their time-out screen to the “immediately” setting. This is done by going to the Settings->Location and Security->Screen unlock settings->Timeout->Immediately.
Link to the Source of HACKING SII lock screen
As you can see in the video above, all one has to do to bypass the lock is wait for the display to timeout on its own and then press the power button. This removes the previous secure lockscreen and replaces it with a standard, non-secure lockscreen.
Depending upon what you store on your device, you may think of this as trivial or a matter of national security. Either way, you'll be glad to know that Samsung and AT&T have acknowledged the issue and working on fixing it.
We received an official statement from Samsung regarding the issue. See it below.
Samsung and AT&T are aware of the user interface issue on the Galaxy S II with AT&T. Currently, when using a security screen lock on the device, the default setting is for a screen timeout. If a user presses the power button on the device after the timeout period it will always require a password. If a user presses the power button on the phone before the timeout period, the device requests a password – but the password is not actually necessary to unlock it. Samsung and AT&T are investigating a permanent solution. In the meantime, owners of the Galaxy S II can remedy the situation by re-setting their time-out screen to the “immediately” setting. This is done by going to the Settings->Location and Security->Screen unlock settings->Timeout->Immediately.
