FTC And HTC Settle Over Device Security

They say all publicity is good publicity, especially when you have a new handset (HTC One) coming to market. But I wonder if HTC think the same way after being ordered by the FTC to develop and release software patches to secure many vulnerabilities that may have affected millions of their devices? 


One of the more pertinent parts of the settlement between the two parties is detailed below:

“IT IS FURTHER ORDERED that respondent shall, no later than the date of service of this order, establish and implement, and thereafter maintain, a comprehensive security program that is reasonably designed to (1) address security risks related to the development and management of new and existing covered devices, and (2) protect the security, confidentiality, and integrity of covered information, whether collected by respondent or input into, stored on, captured with, accessed or transmitted through a covered device.”

In response, HTC have said that they are already working on many of the flaws identified by the FTC and that,

“Privacy and security are important, and we are committed to improving practices that help safeguard our customers’ devices and data. Working with our carrier partners, we have addressed the identified security vulnerabilities on the majority of devices in the US released after December 2010. We’re working to rollout the remaining software updates now and recommend customers download them once available.”
Sally Julien

Looking ahead it seems that the FTC are going to be keen on ensuring that phone manufacturers are paying particular attention to consumer security and that they will require flaws to be fixed with some expediency.

That, of course, is an ideal solution for users of phones and tablets but, with hackers always looking to break things and/or make money, what will the costs be to manufacturers and how do you think will they recoup them???

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind