Kupując telefon HTC lub Samsunga otrzymujemy bonus w postaci sporej dodatkowej przestrzeni na Dropboxie. Okazuje się jednak, że jest pewien haczyk jeśli nadal mamy bonus z poprzedniego telefonu…
Skany odcisków palców na smartfonach HTC nie są zabezpieczone →
12 sierpnia 2015 · 09:40
Samuel Gibbs:
Researchers from FireEye have found that data that could be used to clone a user’s fingerprint was stored as an unencrypted “world readable” image file on HTC smartphones.
Four security researchers discovered that the image file, which is clear replica of a user’s fingerprint, could be stolen by rogue apps or hackers.
“While some vendors claimed that they store user’s fingerprints encrypted in a system partition, they put users’ fingerprints in plaintext and in a world readable place by mistake,” the authors wrote. “On the HTC One Max X the fingerprint is saved as /data/dbgraw.bmp with a 0666 permission setting (world readable). Any unprivileged processes or apps can steal user’s fingerprints by reading this file.”
Brawo HTC.