HTC EVO 4G Shipping With A Serious Security Flaw


Hacker Matt Mastracci (posting on his blog Grack.com) is one of the developers responsible for getting root to the new HTC EVO 4G owners today, but with this gift he gives everyone a very clear warning: the HTC EVO 4G that you’ll be getting out of the box is one of the most vulnerable Android phones to date.


He cites the fact that he was able to root the phone so easily is not a good thing, but a problem. Consumers won’t know just how much access third-party apps have to their phones through exploits and a malicious app could do some nasty things with their data. Being the responsible developer that we appreciate him for being, he’s putting it out there ahead of time to make sure everyone (root or otherwise) who owns the phone knows what they’re getting into.

Another reason is he actually wants to work with Sprint, HTC, and Google to get this patched up before someone comes along and spoils the party. He’ll be offering his root method for one week from today, but after that period he will be releasing the details regarding how he cracked the device with hopes to open Sprint and HTC’s eyes (this is a Sense-only problem) and get a more secure ROM out there as soon as possible. It’s comforting to know that Google and Sprint are already trying to get this fixed up, so if you want to root your phone, make sure you do it soon as they could patch these holes up in no time.

Quentyn Kennemer
The "Google Phone" sounded too awesome to pass up, so I bought a G1. The rest is history. And yes, I know my name isn't Wilson.

HTC EVO 4G Launches on Sprint Today

Previous article

Dell Streak’s HDMI Dock to be Shown Off at D8 Today

Next article

You may also like


  1. can sprint put out an android phone without a major issue?

  2. Seriously. It is cool that he rooted the device and is sharing the info so others can root the phone and do what they will with it. Hell everyone has been crying for the ability to be able to root a device fairly easily because we own the device and should we choose to we can modify it. Now a device is too easily rooted and there is a problem? People we need to get our priorities straight here.

  3. let the problems begin !! 1st of many as usual with Sprint and HTC

  4. @darkseider: of course it’s cool to root your own device and run a custom rom (i do so myself) but what we DON’T want is that someone else (a malicious app for instance) can get root and do harmful stuff with it! a possible scenario would be that an app installs a key logger with then records all passwords and credit card numbers. i guess you wouldn’t want that ;)

    so i pleade for a SECURE system with root for the OWNER per default! wouldn’t that be nice :)

  5. To root or not to root, that is the question.

    As someone new to this, and with a bad Sprint taste already in my mouth, I am uncertain what to do.

  6. Users (owners) of a device should be able to root it if they so choose. This should require deliberate action by the user and not be something done accidentally.
    Applications, on the other hand, should NOT be able to root a device.

  7. What makes this funny are the people posting here. As smartphones are now mini computers, which means sooner than later people will try to exploit them for their own benefit. It is the responsiblity of the user to take into account risk in any product they buy and use. Now the way this article reads it seems that there was an initial overlooked security flaw, and if that is true that it is the fault of HTC and has nothing to do with Sprint. If I replace my tires on my car and they fail then I blame goodyear not ford. When a phone is rooted then hey you run a risk and because people want customization, oh well suck it up and take the risk. The other thing is most peoplee don’t bother looking at which functions an app needs to use on your phone. EG programs that say they need full access, we need to ask as users why does this app need full access. That portion falls on google to give us as user more information on the permissions various apps need. Either way I am sure if there was an overlooked security flaw the will fix it with a patch. It still a bad azz phone anyway. People really need to grow up over this rooting issue, if u modify something don’t cry foul when it doesn’t work as intended.

  8. Im sposed to trust a Hacker?

  9. Not all hackers are bad :) the media just makes them seem that way.

  10. This has to be one of the most misleading posts. Shipped with a serious flaw? LOL. There’s no flaw that would actually affect anyone. Show me an app on Google Market that does this.

    If anyone is dumb enough to download a malicious app with no positive comments from other users, they deserve to get their phone hacked.

Leave a reply

Your email address will not be published. Required fields are marked *

More in Handsets