HTC Settles with FTC Over Security
The U.S. Federal Trade Commission today revealed that HTC Americas has settled with the government agency over complaints that it failed to take adequate measures to secure its devices from third-party programs. Under the terms of the settlement, HTC has agreed to develop a software patch for all the affected devices (millions of smartphones and tablets) within 30 days, to develop an in-house security program to prevent future breaches, and to be audited by the FTC over its security protocols every other year for the next 20 years. According to the FTC, HTC "failed to provide its engineering staff with adequate security training, failed to review or test the software on its mobile devices for potential security vulnerabilities, failed to follow well-known and commonly accepted secure coding practices, and failed to establish a process for receiving and addressing vulnerability reports from third parties." The software patches will be distributed by both HTC and its network operator partners.
FCC, FTC Query Carriers and Phone Makers Over Security
The FCC and FTC today asked carriers and phone manufacturers how they handle security updates for their devices. The FCC sent letters to AT&T, Sprint, T-Mobile, Verizon Wireless, and other carriers, while the FTC queried Apple, Blackberry, Google, HTC, LG, Microsoft, Motorola, and Samsung.
Samsung to Issue Security Fixes Monthly
Samsung today said it is introducing a new policy to distribute security patches to its mobile devices once per month. The company said the change will help protect its device owners.
HTC 10 Picks Up Security Update, Bug Fix
HTC has begun pushing a minor update to unlocked variant of the HTC 10 smartphone. According to the change log, the update adds the latest security patches, fixes some bugs, and improves system stability.
HTC to Install Keeper Security Password Manager on Phones
HTC and Keeper Security today announced a new partnership that will see the latter's password manager added to the former's handsets. Keeper Security lets smartphone owners maintain and manage their disparate usernames and passwords for apps and web sites.
HTC: Monthly Security Updates Not Likely
HTC says it is on board with the concept of monthly security updates, but admits the reality is a different story. Jason Makenzie, president of HTC America, said the company "will push for them, but unrealistic for anyone to say guaranteed every month." The comment came in response to question posed to Makenzie about HTC handset security.