HTC's recent Sense UI issue don't help. So when XDA-Developers poster TrevE found some disturbingly direct violations of Android users' privacy in the Carrier IQ tracking software, he made it known to as many people as possible, with citations and evidence as needed. Now Carrier IQ has sent him a cease and desist letter, threatening legal action if he doesn't remove his research and allegations. The Electronic Frontier Foundation, a legal defense group for technology enthusiasts and issues, has offered him assistance.
current version 7 have raised the eyebrows of some users over at the ever-inventive XDA-Developers forum. According to forum poster "Fnorder", the new Webzine feature records every link, search and visited page and sends them to a remote server. If true, the breach of Dolphin users' privacy is very disturbing indeed. UPDATE: In response to the security and privacy concerns, the makers of Dolphin Browser have disabled the Webzine feature. According to the developer, user browsing data was never saved, and users' security has not been compromised.
security vulnerability in its Android smartphones is in the pipeline, addressing what some security experts suggested was a "massive" privacy issue. "In our ongoing investigation into this recent claim," the company told Engadget, "we have concluded that while this HTC software itself does no harm to customers' data, there is a vulnerability that could potentially be exploited by a malicious third-party application" However, HTC also insists that it has seen no reports of the loophole actually being taken advantage of, with the potential for harm seemingly more theoretical than practical at this stage. Nonetheless, a security update is being worked on now, and which - after some carrier testing - will be delivered OTA to HTC Android phones. There's no timeline for its release - HTC says the carrier testing period will be "short" though that's presumably up to the networks themselves to deliver on - so until then the company points out that people should "use caution when downloading, using, installing and updating applications from untrusted sources." That's pretty sensible advice no matter what the situation. Full HTC Statement:
HTC takes claims related to the security of our products very seriously. In our ongoing investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers' data, there is a vulnerability that could potentially be exploited by a malicious third-party application. A third party malware app exploiting this or any other vulnerability would potentially be acting in violation of civil and criminal laws. So far, we have not learned of any customers being affected in this way and would like to prevent it by making sure all customers are aware of this potential vulnerability. HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly. During this time, as always, we strongly urge customers to use caution when downloading, using, installing and updating applications from untrusted sources.
issued a Subpoena recently over a few different issues, mainly regarding privacy and user data. Apparently there has now been even more information revealed from our friends over at Ars Technica that might have you all even more worried.
we reported here yesterday, CNN did a story that Google was working on a Mobile Facial Recognition App that would link personal data through real-time video footage from the camera on an Android Device to images stored on a user's Google Profiles pages. CNN went on to state that Google was holding back releasing the app because of privacy concerns. The story created a firestorm as Google has fired back completely denying such an app exists and that details of the story are a "are purely speculative and are inventions of the reporter.” Only trouble is, CNN has a recording of an interview with the Google engineer in charge and they're not backing down.
Wall Street Journal has conducted an investigation into the sort of data apps on your Android phone and on the iPhone collect and share about you. The WSJ looked at 101 popular smartphone apps on both the iPhone and Android devices and found that 56 of the apps transmitted unique device IDs to third party companies without the user's permission.
study was performed by researchers from Penn State and Duke Universities along with Intel Labs using a tool called TaintDroid.