updated 06:50 pm EDT, Thu June 3, 2010
Android apps can easily access personal data
Sprint's customized user interface allegedly compromises the Evo 4G's security, according to dotspots founder Matt Mastracci. The disclosure comes from the same source that reportedly gained root access in just a few hours after the device was handed out to Google I/O attendees.
"The Sprint customizations of Android are so bad that an Android application could get access to all of your data with very little work," Mastracci claims. "You are putting your data at risk of theft from not just one vulnerability, but a whole suite of vulnerabilities."
The team will release its "unrevoked" exploit on Friday, which is said to allow users to root their Evo 4Gs. Mastracci suggests the developers will not release the additional vulnerabilities to Sprint, unless the carrier decides to provide users with full access to the phone.