HTC smartphone maker settles U.S. software security case

WASHINGTON Fri Feb 22, 2013 11:51pm IST

The logo of HTC is seen in Taipei September 24, 2008. REUTERS/Pichi Chuang/Files

The logo of HTC is seen in Taipei September 24, 2008.

Credit: Reuters/Pichi Chuang/Files

Related Topics

Stocks

   

WASHINGTON (Reuters) - HTC America, which makes smartphones and tablets that use Android and Windows software, will settle a U.S. regulator's charges it failed to take adequate steps to eliminate security flaws that put millions of users' data at risk.

The Federal Trade Commission said on Friday that HTC America, a subsidiary of HTC Corp in Taiwan, made millions of phones with programming flaws that allowed third-party applications to evade Android's permission-based security model.

This means that the Android operating system, which normally requires users be provided notice if sensitive data is given to third parties like data brokers, was prevented from giving notice to users, according to the FTC.

Sensitive data includes location or the contents of text messages. The settlement requires the company to establish a comprehensive security program and patch the software holes.

HTC spokeswoman Sally Julien said the company, working with carrier partners, has addressed the identified security issues on majority of devices released in the United States after December 2010.

"We're working to roll out the remaining software updates now and recommend customers download them once available," Julien said.

The regulator said in a statement that HTC America "failed to provide its engineering staff with adequate security training, failed to review or test the software on its mobile devices for potential security vulnerabilities (and) failed to follow well-known and commonly accepted secure coding practices."

It said millions of HTC devices were compromised, "potentially permitting malicious applications to send text messages, record audio, and even install additional malware" without the knowledge or consent of the user.

In a Twitter question-and-answer session, the FTC said that while the HTC America case was not the first on data security unfairness, it was the first that dealt with software security.

(Reporting By Diane Bartz and Alina Selyukh; Editing by Ros Krasny and Grant McCool)

FILED UNDER:

Online Shopping

An empty shopping cart is seen outside a Best Buy store in Westbury, New York November 28, 2014. REUTERS/Shannon Stapleton

BestBuy.com back online after second Black Friday outage

Best Buy Co Inc's retail website is back online after it was down for a second time on Black Friday, the busiest U.S. shopping day in terms of sales and traffic since 2005, according to ShopperTrak.  Full Article 

REUTERS SHOWCASE

Gold Imports

Gold Imports

India eases gold import rule in surprise move.  Article 

Indians in Iraq

Indians in Iraq

India says no contact with 39 men held by Islamic State in Iraq.  Full Article 

Sahara Issue

Sahara Issue

Sahara looks to raise $650 million loan to fund bail.  Full Article 

Bhopal Tragedy

Bhopal Tragedy

Bhopal's toxic legacy lives on, 30 years after industrial disaster.  Full Article 

Banking Sector

Banking Sector

After record deal, more India bank takeovers on cards  Full Article 

Islamic Fund

Islamic Fund

India gets new Islamic equity fund but debt market still off-limits  Full Article 

Cricket Tragedy

Cricket Tragedy

Clarke breaks down giving heartfelt Hughes tribute  Full Article 

Nigeria Violence

Nigeria Violence

Bombs, gunfire kill 81 at crowded mosque in Nigeria's Kano  Full Article 

Movie Review

Movie Review

D’Silva's “Ungli” just skims the surface  Full Article | Related Story 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device  Full Coverage