The update, which adds android.permission.INTERNET, accesses location history, phone numbers, SMS data and a list of user accounts, but potentially leaks more personal data.
Phones like the EVO 3D now expose network info, including IP addresses; full memory info; active notifications in the notification bar, including notification text; list of installed apps, including permissions used, user ids, versions; and more, says PCM.
HTC, in response, says it "takes our customers' security very seriously, and we are working to investigate this claim as quickly as possible. We will provide an update as soon as we're able to determine the accuracy of the claim and what steps, if any, need to be taken."
If you have a rooted device, you can remove the update "HTCloggers" at /system/app/HtcLoggers.apk.
Written by: Andre Yoskowitz @ 3 Oct 2011 11:35