The original HTC EVO 4G, the EVO 3D, and the EVO Design 4G have all received OTA updates recently, all very close to one another, and all with unnamed security updates. Then, last weekend, we heard that HTC had reached an agreement with the FTC regarding charges that the company shipped millions of devices to consumers with a potentially huge security bug.
Could these updates be related?
Specifically, HTC is accused of failing “to employ reasonable and appropriate security practices” on over 18 million devices shipped to American consumers. The security bug in question allowed malicious third party apps to use the voice recorder function on affected devices to unknowingly record users’ phone conversations.
On Friday, a spokesperson for HTC said that the majority of devices affected had already been patched, which I have confirmed on my own HTC EVO 4G LTE (the voice recorder stops recording once a phone call is initiated). It now appears that this functionality was also stripped from the other EVOs, meaning that this very well could have been what these recent updates were all about. While I’ve been unable to locate more information about these specific updates, this seems the most logical – and probable – explanation.[FTC via Huffington Post] Thanks, Peter and Bill!