HTC: Rendered Worthless By Insecurity?

Uploaded on 2015-08-14 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, BUSINESS-Services-Financial

87648734.jpg?x=648&y=329&infer_y=1

Fingerprint biometrics unencrypred: attackers can sit in the background and collect the fingerprint image of every victim.

Internet hyperbole (and financial analysis) has rendered HTC, a once high-flying mobile brand, essentially valueless.

In short, the company is trading below cash on hand. So if you bought all HTC stock, the company would have to pay you, the buyer, to take it over. This means the company’s factories, stock and brand are worth nothing, at least on Wall Street.

Furthermore, the researchers have discovered that the HTC One Max has been keeping fingerprint biometrics used to unlock the cellphones in an unencrypted “world-readable” file, a definite no-no in the world of security. Hackers could easily open the file /data/dbgraw.bmp on the phone’s memory and capture your fingerprint data.

It is clear that companies like HTC and Samsung are about to be hit by lower-end manufacturers right where it matters most: price. The profit on an average Android phone is about a penny. This means the only way to survive is by reducing the price of a phone as much as possible. However, the modern phone marketers like Samsung and HTC only want to sell flagships – big, tent-pole phones that lend themselves to big marketing budgets and fancy commercials.

There is no perceived upside in flogging the cheapest of the cheap, especially considering the “fanciest” phone out there is the iPhone. When your only competitor is also ostensibly the most expensive phone on the market, there is little value in highlighting your cheapest models.

When HTC first began selling its own phones in about 2006, the market was wildly striated. There was a solid base of “free” phones running a Java stack that offered little more than a keypad and a contact list.
In the mid-range were clever feature phones like the HTC Wizard and Samsung Blackjack that appeared every few months and were aimed at a general “upgrader” class of user who wanted little more than to have the latest cell phone.
Finally, there were the luxury phones like the iPhone and a few Galaxy phones, as well as business-focused brands like BlackBerry and even LG with its crazy Prada phone. These price points allowed for a certain amount of cushion as cell phone newbies picked up cheap phones and the die-hards paid a premium for the good stuff.

Now it’s iPhone and everyone else. The cell phone buyer’s market is saturated. Even the upgrade cycles have grown longer. In short, people are holding onto their expensive phones longer or buying wildly cheap ones. There is no middle ground.

HTC got hit with a one-two punch this week. The financial news and the security discovery are exactly the pieces of information that will further drive HTC’s stock price – and popularity – into the toilet. HTC might be able to pull a Motorola and partially pull out of the nosedive, but, knowing the market for the average cell phone, I’m not holding my breath. Too many cell phones and too little profit make for a really bad business.
Techcrunch: http://tcrn.ch/1gFUgrr

 

 

« US Internet Giants Join to Curb Child Sex Abuse
France & UK on the Edge of Kafkaesque Surveillance »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Caliber Security Partners

Caliber Security Partners

Caliber Security Partners is a full-service information security company, with a wide range of security services for clients with varying levels of security maturity.

Cyberlytic

Cyberlytic

Cyberlytic applies artificial intelligence to combat the most sophisticated of web application threats, addressing the growing problem of high volumes of threat data.

Reblaze Technologies

Reblaze Technologies

Reblaze provides the world’s best security technologies in a cloud-based website security platform.

VNCERT

VNCERT

VNCERT is the national Computer Emergency Response Team for Vietnam.

Cymulate

Cymulate

Cymulate is a SaaS-based breach and attack simulation platform that makes it simple to know and optimize your security posture any time, all the time.

Riverside Research

Riverside Research

Riverside Research is a not-for-profit organization chartered to advance scientific research in areas including Trusted & Resilient Systems.

Digital Resolve

Digital Resolve

Digital Resolve delivers solutions that help companies maintain trust and confidence through proven and cost-effective fraud-protection and identity intelligence technology.

Cowbell Cyber

Cowbell Cyber

Cowbell Cyber™ offers continuous risk assessment, comprehensive cyber liability coverage, and continuous underwriting through an AI-powered platform.

Collins Aerospace

Collins Aerospace

Collins Aerospace provides cybersecurity services and systems to protect critical infrastructure facilities and railroad operations.

Depth Security

Depth Security

Depth Security assessment services provide organizations with real-world visibility into threats facing their infrastructure and applications.

VariQ

VariQ

VariQ is a premier provider of Cybersecurity, Software Development and Cloud services to federal, state, and local government.

Cynance

Cynance

Cynance are an award-winning, independent cyber security specialist and part of the Transputec family of companies.

Cyber Security for Europe (CyberSec4Europe)

Cyber Security for Europe (CyberSec4Europe)

CyberSec4Europe is designing, testing and demonstrating potential governance structures for a European Cybersecurity Competence Network.

Saiflow

Saiflow

SaiFlow provides a tailor-made cybersecurity solution for Electric Vehicles Charging Infrastructure (EVCI), Distributed Energy Resources (DERs) and energy networks and assets.

StepSecurity

StepSecurity

StepSecurity provides a comprehensive security platform for GitHub Actions.

Securitum

Securitum

Securitum is a leading penetration testing company in central and eastern Europe.