Is your personal data at risk on an HTC smartphone?
An investigation is looking into allegations that more recent versions of HTC's Sense UI is storing personal data. Android Police and custom firmware maker Trevor Eckhart are taking a look at the situation and claim that logging tools such as HTCLogger in the Taiwan based firm's Sense UI store personal data insecurely. Certain models from HTC, if compromised, could actually be accessed remotely thanks to the VNC client that HTC loads on some of its phones.
This is not to say that HTC or a spy is sifting through your personal data as we write this, but only to suggest that it theoretically can occur. The phones involved include the HTC Evo 3D (Sprint), the HTC Evo 4G (Sprint) and the HTC ThunderBolt (Verizon). Other models like the myTouch 4G Slide (T-Mobile) and the HTC Sensation 4G (T-Mobile) might also be involved. Even models that have yet to launch like the HTC Vigor (Verizon) could be collecting your data.
source: AndroidPolice via electronista
So far, HTC has been totally silent about this situation. It was only advised of the problem a week ago and there is speculation that the manufacturer is looking into the problem with its own investigation, but this has not been confirmed or denied. Because of the open source nature of Android, while Google requires consent before information can be read off a device, third parties can change the underlying code and hardware firms can also leave doors open that invite rather than thwart those who like to take personal data from devices. The data that is vulnerable include phone numbers, your recent movements tracked via GPS, SMS, emails, user accounts and more.
Things that are NOT allowed: