After security firm FireEye Labs revealed that HTC One Max and Samsung S5 don’t store fingerprint data in an encrypted image format, the news created quite a stir among the users of the HTC phone that is almost two years old.
According to FireEye, HTC acted immediately and fixed the vulnerable spot. It appears the fingerprints read by the phone were being kept in an world readable file, which means it could’ve easily been accessed by any app on the device. With so may malicious app floating around, that is as bad as it sounds.
The flaw was fixed immediately, and HTC insisted to add the bug was removed from all regions.
HTC One Max used to store the users’ fingerprints in a bitmap file. FireEye didn’t have any issue reconstructing the specialized file into a scan of the fingerprint. What is more, the HTC phone updated this image each time a new scan was submitted, which means a potential hacker could have obtained various file images without lifting a finger.
Not only HTC One Max is under the close scrutiny of FireEye. According to the security firm, the same flaw could exist in Samsung’s Galaxy S5 and a few others that haven’t been named yet.
Although HTC One Max was never particularly popular, it’s still uncertain if the bug was detected by any malicious app and used in mischievous acts. FireEyes’ discovery left many concerned for their security. It’s one thing to have your password leaked and another to have your fingerprints in the hands of hackers.
As a consequence, users are encouraged to choose smartphones that have an updated security patch available. Also, the classic “stay away from unreliable sources” still applies and may keep you away from malicious apps in the long run.
How bad is this for HTC? Their stocks have recently sunk very low, which translates into anyone being able to buy all their shares for less than the cash they are currently holding. Need another translation? As investors would put it, HTC is now essentially worthless.
HTC was never a leader on the smartphone market, although they deliver some sturdy, reliable Android phones. So how did they get knee deep in trouble? A quick glance at the numbers tells us that HTC is running at a loss, unable to sell phones for more than they pay to make them. That can’t be good for business.
With Androids getting cheaper and cheaper, the forecast for HTC doesn’t look too sunny. And alongside fierce competitors like Samsung and Motorla, HTC might not come out of the fighting pit alive.