HTC: Rendered Worthless By Insecurity?

Uploaded on 2015-08-14 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, BUSINESS-Services-Financial

87648734.jpg?x=648&y=329&infer_y=1

Fingerprint biometrics unencrypred: attackers can sit in the background and collect the fingerprint image of every victim.

Internet hyperbole (and financial analysis) has rendered HTC, a once high-flying mobile brand, essentially valueless.

In short, the company is trading below cash on hand. So if you bought all HTC stock, the company would have to pay you, the buyer, to take it over. This means the company’s factories, stock and brand are worth nothing, at least on Wall Street.

Furthermore, the researchers have discovered that the HTC One Max has been keeping fingerprint biometrics used to unlock the cellphones in an unencrypted “world-readable” file, a definite no-no in the world of security. Hackers could easily open the file /data/dbgraw.bmp on the phone’s memory and capture your fingerprint data.

It is clear that companies like HTC and Samsung are about to be hit by lower-end manufacturers right where it matters most: price. The profit on an average Android phone is about a penny. This means the only way to survive is by reducing the price of a phone as much as possible. However, the modern phone marketers like Samsung and HTC only want to sell flagships – big, tent-pole phones that lend themselves to big marketing budgets and fancy commercials.

There is no perceived upside in flogging the cheapest of the cheap, especially considering the “fanciest” phone out there is the iPhone. When your only competitor is also ostensibly the most expensive phone on the market, there is little value in highlighting your cheapest models.

When HTC first began selling its own phones in about 2006, the market was wildly striated. There was a solid base of “free” phones running a Java stack that offered little more than a keypad and a contact list.
In the mid-range were clever feature phones like the HTC Wizard and Samsung Blackjack that appeared every few months and were aimed at a general “upgrader” class of user who wanted little more than to have the latest cell phone.
Finally, there were the luxury phones like the iPhone and a few Galaxy phones, as well as business-focused brands like BlackBerry and even LG with its crazy Prada phone. These price points allowed for a certain amount of cushion as cell phone newbies picked up cheap phones and the die-hards paid a premium for the good stuff.

Now it’s iPhone and everyone else. The cell phone buyer’s market is saturated. Even the upgrade cycles have grown longer. In short, people are holding onto their expensive phones longer or buying wildly cheap ones. There is no middle ground.

HTC got hit with a one-two punch this week. The financial news and the security discovery are exactly the pieces of information that will further drive HTC’s stock price – and popularity – into the toilet. HTC might be able to pull a Motorola and partially pull out of the nosedive, but, knowing the market for the average cell phone, I’m not holding my breath. Too many cell phones and too little profit make for a really bad business.
Techcrunch: http://tcrn.ch/1gFUgrr

 

 

« US Internet Giants Join to Curb Child Sex Abuse
France & UK on the Edge of Kafkaesque Surveillance »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

SABSACourses

SABSACourses

SABSA is a development process used for solving complex problems such as IT Operations, Risk Management, Compliance & Audit functions.

Linklaters LLP

Linklaters LLP

Linklaters is an international law firm. Practice areas include Information Management and Data Protection.

D-Fence

D-Fence

D-Fence high availability security service protects corporate email communication, the company and it's employee's against cyber threats.

Auth0

Auth0

Auth0 is a cloud service that provides a set of unified APIs and tools that instantly enables single sign-on and user management for any application, API or IoT device.

Independent Security Evaluators (ISE)

Independent Security Evaluators (ISE)

ISE is an independent security consulting firm headquartered in Baltimore, Maryland dedicated to securing high value assets for global enterprises and performing groundbreaking security research.

Stealthcare

Stealthcare

Stealthcare is a full service, global cyber security firm offering solutions that educate, empower and protect.

_cyel

_cyel

_cyel is introducing a new cybersecurity strategy: not a new generation of patches and firewalls, but moving target security – we take away the targets. Without replacing your existing system.

Sixgill

Sixgill

Sixgill, an IoT sensor platform company, builds the universal data service and smart process automation software allowing any organization to effectively govern its IoE assets.

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum is a catalyst platform designed to create a more resilient and better cyberworld for all.

Tetrad Digital Integrity (TDI)

Tetrad Digital Integrity (TDI)

TDI is a world-class consulting firm offering cybersecurity services to government agencies and commercial clients around the world.

Cybermerc

Cybermerc

Cybermerc's services, training programmes and cyber security solutions are designed to forge collaborations across industry, government and academia, for collective defence of our digital borders.

TRU Staffing Partners

TRU Staffing Partners

TRU Staffing Partners is an award-winning contract staffing and executive search firm for cybersecurity, eDiscovery and privacy companies and professionals.

Cyber Griffin

Cyber Griffin

Founded by the City of London Police in 2017, Cyber Griffin is an initiative that supports businesses and individuals in the Square Mile to protect themselves from cyber crime.

Quantexa

Quantexa

Quantexa automates millions of operational decisions, at scale, across multiple business units, including Anti-Money Laundering, Know-Your-Customer, Fraud, Credit Risk and Customer Intelligence.

MyCISO

MyCISO

MyCISO is the World’s first SaaS application that will vastly simplify security management for all.

Q5id

Q5id

At Q5id, we prove that your customers' digital identity and real-world identity are the same, our verification and authentication solution delivers a Proven and Secure digital identity for everyone.