Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

HTC Android Vulnerability found

M10 (1923480) writes | more than 3 years ago

Security 0

M10 (1923480) writes "Just before Christmas we ran into a vulnerability on a number of HTC Android phones. We informed HTC and the Finnish Communications Regulatory Authority, and waited to get it fixed. Now it's time to go public and allow you to check whether your phone is vulnerable.
I came across an interesting behavior while doing some research regarding what kind of information one can access on an HTC Desire Z Android phone. A simple application with no permission to reboot the phone managed to do just that by simply reading a specific file on the phone. This turned out to be a kernel bug that could, with the help of another more serious vulnerability, be triggered also remotely when user visits a malicious website. The problem seems to only affect HTC phones, the mainline Android kernel is apparently unaffected.
More here: https://www.nixuopen.org/blog/2011/2/remote-reboot-for-htc-android-phones/"

Link to Original Source

cancel ×

0 comments

Sorry! There are no comments related to the filter you selected.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>