Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[Q] HeartBleed 4.2.2 on Htc one x + At&T stock

OP tyelrx

13th April 2014, 08:35 PM   |  #1  
OP Junior Member
Thanks Meter: 1
 
7 posts
Join Date:Joined: Jan 2014
Call me crazy, I have HTC one x + (At&T) running android 4.2.2. (STOCK VERSION, updated from 4.1.1 that came out a few months ago...also locked bootloader and an unrooted device).

I've read multiple articles saying the openSSL bug should not affect my phone. However ever security app I download to test for the bug says I have open SSL version 1.0.1c and the behavior is enabled. Now, i understand that android apps can be packaged with their own version of OpenSSL, but I'm not checking the apps. Lockout app & Blue Box both save I have the bug & it's enabled system wide. Annoyed with HTC customer support because they keep saying i don't have it. Perhaps I'm missing something, but why do multiple secruity apps say I'm vulnerable. Any suggestions would help.

thanks all
13th April 2014, 09:51 PM   |  #2  
panpjp's Avatar
Senior Member
Flag Bangkok
Thanks Meter: 79
 
1,007 posts
Join Date:Joined: Mar 2012
More
Your statement isn't quite clear, but I think the 1.0.1c version IS affected by Heartbleed.

Sent from my One X+ using xda app-developers app
13th April 2014, 10:37 PM   |  #3  
OP Junior Member
Thanks Meter: 1
 
7 posts
Join Date:Joined: Jan 2014
thanks panpjp

Sorry for the confusion

My Phone Information:
HTC ONE X + (AT&T)
OS: Android 4.2.2
STOCK/UNROOTED DEVICE
OpenSSL 1.0.1c - heartbreed enabled

So, i guess I'm wondering if anyone else with my device is seeing the same issue. I thought google confirmed 4.2.2 was not affected by the bug.

thanks



Quote:
Originally Posted by panpjp

Your statement isn't quite clear, but I think the 1.0.1c version IS affected by Heartbleed.

Sent from my One X+ using xda app-developers app

14th April 2014, 01:54 PM   |  #4  
Thyg0d's Avatar
Junior Member
Flag Järfälla Sthlm
Thanks Meter: 3
 
19 posts
Join Date:Joined: Aug 2010
More
Quote:
Originally Posted by tyelrx

thanks panpjp

Sorry for the confusion

My Phone Information:
HTC ONE X + (AT&T)
OS: Android 4.2.2
STOCK/UNROOTED DEVICE
OpenSSL 1.0.1c - heartbreed enabled

So, i guess I'm wondering if anyone else with my device is seeing the same issue. I thought google confirmed 4.2.2 was not affected by the bug.

thanks

I can only confirm what you're saying..
Got a HTC One x as well.. Stock and all and I get the same response from those apps..
15th April 2014, 04:12 PM   |  #5  
Senior Member
Thanks Meter: 1
 
111 posts
Join Date:Joined: Nov 2006
More
Quote:
Originally Posted by Thyg0d

I can only confirm what you're saying..
Got a HTC One x as well.. Stock and all and I get the same response from those apps..

Same with my stock htc one x.
15th April 2014, 05:06 PM   |  #6  
Thyg0d's Avatar
Junior Member
Flag Järfälla Sthlm
Thanks Meter: 3
 
19 posts
Join Date:Joined: Aug 2010
More
Spoke to the Swedish HTC support today and their response was that no updates to fix this was currently scheduled so in short:
"Don't use our phone if you care about your passwords being leaked" as I understood it..
16th April 2014, 04:24 AM   |  #7  
OP Junior Member
Thanks Meter: 1
 
7 posts
Join Date:Joined: Jan 2014
I got the same response from htc, they kept saying I was on 4.1.1 and privacy matters. Didn't even listen to me. Hope they fix this...was gonna buy a new phone in a few months. Not sure if HTC will be my first choice unless they can change my mind.

Quote:
Originally Posted by Thyg0d

Spoke to the Swedish HTC support today and their response was that no updates to fix this was currently scheduled so in short:
"Don't use our phone if you care about your passwords being leaked" as I understood it..

16th April 2014, 10:09 AM   |  #8  
Thyg0d's Avatar
Junior Member
Flag Järfälla Sthlm
Thanks Meter: 3
 
19 posts
Join Date:Joined: Aug 2010
More
Quote:
Originally Posted by tyelrx

I got the same response from htc, they kept saying I was on 4.1.1 and privacy matters. Didn't even listen to me. Hope they fix this...was gonna buy a new phone in a few months. Not sure if HTC will be my first choice unless they can change my mind.

Okay.. even worse than our support then.. :-o
Always a great way to loose customers..

I've used HTC since Hero but now I'm jumping ship..
the HOX has been nothing but problem for me and it's been serviced 4 times for all kind of issues..
Wifi/BT being one of them..
Going for a sony Z2 now, IF sony can deliver them any time soon.. Like this year at least..
17th April 2014, 12:20 AM   |  #9  
Senior Member
Flag Essen,Germany
Thanks Meter: 26
 
485 posts
Join Date:Joined: May 2011
More
Can i trust the app heartbleed detector. This is what it says with my phone

Sent from my One X+ using XDA Premium 4 mobile app
Attached Thumbnails
Click image for larger version

Name:	1397686817415.jpg
Views:	285
Size:	52.8 KB
ID:	2690505  
17th April 2014, 08:49 PM   |  #10  
Thyg0d's Avatar
Junior Member
Flag Järfälla Sthlm
Thanks Meter: 3
 
19 posts
Join Date:Joined: Aug 2010
More
Quote:
Originally Posted by jizang

Can i trust the app heartbleed detector. This is what it says with my phone

Sent from my One X+ using XDA Premium 4 mobile app

You should since it's not hard do detect when you know what to look for.. .. Didn't expect any difference between One X and One X+ though..

Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes