Thursday, July 4, 2013

Major Privacy Breach Discovered on Motorola Phones

An independent security researcher published proof this week that Motorola phones with the Blur service installed are sending a myriad of credentials and private information silently to Motorola servers, as well as communicating via a modified version of the Jabber protocol in a format reminiscent of botnet command-and-control.

The disclosure - which featured packet captures, screen shots, and a full analysis of all of the data being sent - includes reproduction instructions for anyone concerned about their Motorola phone behaving in a similar manner. 

Impacted phone owners appear to have little recourse at this time, as the service responsible for this information disclosure cannot be removed without rooting the phone and installing a stock version of Android. (more)