Jeśli chcecie mnie wesprzeć to zapraszam do kupna mojego poradnika "Jakim jesteś Makiem?".

Skany odcisków palców na smartfonach HTC nie są zabezpieczone →

· Wojtek Pietrusiewicz · 1 Comment

Samuel Gibbs:

Researchers from FireEye have found that data that could be used to clone a user’s fingerprint was stored as an unencrypted “world readable” image file on HTC smartphones.

Four security researchers discovered that the image file, which is clear replica of a user’s fingerprint, could be stolen by rogue apps or hackers.

“While some vendors claimed that they store user’s fingerprints encrypted in a system partition, they put users’ fingerprints in plaintext and in a world readable place by mistake,” the authors wrote. “On the HTC One Max X the fingerprint is saved as /data/dbgraw.bmp with a 0666 permission setting (world readable). Any unprivileged processes or apps can steal user’s fingerprints by reading this file.”

Brawo HTC.

Chcesz zwrócić mi na coś uwagę lub skomentować? Zapraszam na @morid1n lub na forum.