
802.1X password exploit on many HTC Android devices



Guest hecatae

Back in September 2011 several HTC Devices were found disclosing WiFi credentials to Android applications, allowing their transmission to the author.

The affected handsets are:

  • Desire HD (both "ace" and "spade" board revisions) - Versions FRG83D, GRI40

  • Glacier - Version FRG83

  • Droid Incredible - Version FRF91

  • Thunderbolt 4G - Version FRG83D

  • Sensation Z710e - Version GRI40

  • Sensation 4G - Version GRI40

  • Desire S - Version GRI40

  • EVO 3D - Version GRI40

  • EVO 4G - Version GRI40

Instead of an immediate Public Disclosure, the researchers who stumbled on the flaw contacted Google and HTC Global regarding the issue.

It took HTC and Google 24 hours to verify the exploit, and the Public Disclosure was delayed for four months to allow Google to make changes in the Android code to better protect the credential store, and for HTC to create software updates for all affected handsets.

So what is this exploit? A short abstract from Bret Jordan's blog explains it best:

Quote

There is an issue in certain HTC builds of Android that can expose the user's 802.1X Wi-Fi credentials to any program with basic Wi-Fi permissions.

When this is paired with the Internet access permissions, which most applications have, an application could easily send all stored Wi-Fi network credentials (user names, passwords, and SSID information) to a remote server.

This exploit exposes enterprise-privileged credentials in a manner that allows targeted exploitation.

Customers with affected software versions can find information from HTC about updating their handset at: http://www.htc.com/www/help/

Google has also completed a code scan of every application currently available in the Android Market and there are no applications currently exploiting this vulnerability.

If anyone wants the full technical details of how it works, Bret Jordan's blog post has full information on how the exploit worked.

I'm curious to know if anyone is still running one of the affected software versions listed above; let us know in the comments if you are.

Source: US-CERT


Guest SilentBob

So where do I find this version number ("Versions FRG83D, GRI40") for reference?

I have an Orange UK Desire HD and am still waiting for the Android 2.3.5/Sense 3.0 update. As such, my previous update pre-dates this news by a long way. I cannot see anything in the "software information" that includes either of these codes, so are carrier devices "safe"? If not, then it is a bit concerning that this has now been made public whilst there are still so many devices out there running the old software.
