+ Sunday September 22nd, 2019

The guys over at Android Police have discovered a possible flaw in the security of some recently released HTC Devices that could expose a lot of your data to any nefarious developers out there.

Apparently the security issue comes from a tool installed on some HTC Devices called HtcLoggers.apk which was supposed to be used by HTC to improve the overall quality of their phones and also any bugs that may arise (is SenseUI considered a bug?). The issue is that the data collected is not encrypted. So any application that is installed which requires the permission android.permission.INTERNET (which is a fairly basic permission for most applications) can access things like phone numbers from the phone log, SMS data, including phone numbers and encoded text (they’re not sure if the text can be decoded), GPS and Network Location information and a few other things.

After the scandal that hit the iPhone involving location data being kept unencrypted, you’d think that this sort of information would have been locked down as tight as possible but it appears it has been left wide open for seemingly any app developer with ill-intent to utilise.

Most of the phones listed by AndroidPolice are not available in Australia, but the ones that are available are :

  • EVO 3D
  • some Sensations

At this stage they have been unable to verify exactly which models other than these are affected; further, there are no reports of any malicious apps actually accessing this data, so the time for panic is not yet upon us.

HTC is apparently looking into this, so expect a patch of some sort to come out from them at some stage. Although no ETA has been given, as HTC is still investigating, the guys at Androidandme.com had this quote from HTC :

HTC takes our customers’ security very seriously, and we are working to investigate this claim as quickly as possible. We will provide an update as soon as we’re able to determine the accuracy of the claim and what steps, if any, need to be taken.


If however you have root access to your phone and would like to jump the gun you can remove the file from your phone from here : /system/app/HtcLoggers.apk.

Please note: Playing with your phone’s files is something you should do only if you are supremely confident in doing so, if you have any doubts, please wait for HTC to work their magic.

Source: Android Police, and AndroidandMe.

Daniel Tyson  


Dan is a die-hard Android fan. Some might even call him a lunatic. He's been an Android user since Android was a thing, and if there's a phone that's run Android, chances are he owns it (his Nexus collection is second-to-none) or has used it.

Dan's dedication to Ausdroid is without question, and he has represented us at some of the biggest international events in our industry including Google I/O, Mobile World Congress, CES and IFA.

Join the Ausdroid Conversation

0 Comment threads
0 Thread replies
Most reacted comment
Hottest comment thread
0 Comment authors
Recent comment authors
newest oldest most voted
Notify of

Check Also

OnePlus begin rolling out Android 10 to their latest flagships

Android 10 has been out for a few weeks now and as per usual the …