wpostServer: http://css.washingtonpost.com/wpost2

Most Read: Business

DJIA
-0.42%
S&P 500
-0.45%
NASDAQ
-0.05%
 Last Update: 11:08 PM 07/29/2014

World Markets from      

 

Other Market Data from      

 

Key Rates from      

 

Blog Contributors

Timothy B. Lee

Timothy B. Lee

Timothy B. Lee covers technology policy, including copyright and patent law, telecom regulation, privacy, and free speech. He also writes about the economics of technology. He has previously written for Ars Technica and Forbes. You can follow him on Twitter or send him email.

Brian Fung

Brian Fung

Brian Fung covers technology for The Washington Post, focusing on electronic privacy, national security, digital politics and the Internet that binds it all together. He was previously the technology correspondent for National Journal and an associate editor at the Atlantic. His writing has also appeared in Foreign Policy, Talking Points Memo, the American Prospect and Nonprofit Quarterly. Follow Brian on Google+ .

Andrea Peterson

Andrea Peterson

Andrea Peterson covers technology policy for The Washington Post, with an emphasis on cybersecurity, consumer privacy, transparency, surveillance and open government. She also delves into the societal impacts of technology access and how innovation is intertwined with cultural development.

Post Tech
About / Where's Post I.T.?   |    Twitter  |   On Facebook  |  RSS RSS Feed  |  E-Mail Cecilia
Posted at 11:46 AM ET, 02/22/2013

HTC settles with FTC over handset security flaws

The Federal Trade Commission said Friday that it has settled with HTC America on charges that the handset maker did not adequately secure its handsets, leaving sensitive user information stored on smartphones and tablets at risk.

The security flaws, first noted in 2011, allowed apps that connected to the Internet to look into HTC phones’ logs and access data including call history, location data, e-mail addresses and system logs. HTC was also found to be improperly logging information from Carrier IQ, a piece of analytics software that ended up at the center of a controversy over how carriers and manufacturers collect and handle data from their customers’ mobile devices.

HTC has been working with carriers to deploy patches that fix these security holes; many consumers have already received those patches.

The agency charged that HTC America did not adequately test and review software on its mobile devices for these vulnerabilities, leaving its devices open to malicious applications, which in turn could use access to the devices to collect information about everything from a user’s location to e-mails and text messages.

The FTC complaint also alleges that HTC used deceptive practices in obtaining users consent to collect and share data, as the security flaws ”undermined consent mechanisms” in users’ phones.

HTC has agreed to establish a comprehensive security program and is prohibited from making false or misleading statements about its security.

In a statement, the company said that it is working with carrier partners to patch the security holes.

“Privacy and security are important, and we are committed to improving practices that help safeguard our customers’ devices and data,” the company said. “We’re working to rollout the remaining software updates now and recommend customers download them once available.”

By  |  11:46 AM ET, 02/22/2013

 
Read what others are saying
     

    © 2011 The Washington Post Company