This is a major problem for users using original software.

I don't think it's as shallow as yours.
Do you really reading what are those updates for? I don't bloody think so.
If you do read, you don't tell this. It's all MENTIONED, SECURITY VULNERABILITY FIX, etc. Not just the general bug fixing and improvements.
That's why I said, one will treat the message I said before is like "blank message".

Again, this statement will be ignored. Because one will treat it as "blank message" again.

Hey guys here in Android Section, stop feeding the troll.
Ignore this thread. The TS/OP is known for being iFaging.
I must troll this.

at first, i supported htc bcos of their innovative HTC Sense software which is great and i could accept their handsets even though it didn't have the nicest screen,  fastest processor, or slickest design.

unlike iOS which is much more secured and users have peace of mind.

I would like you to draw back this statement... iOS isn't that secured like what do you think. in YouTube there are many videos have shown many iOS users have exploit iOS. Even thou the phone lock also can be exploit easily by an amateur.

And most of iOS users have jailbreak their gadgets, so it is not as secured any more.

Even thou android has so call bugs and security problems, their so problems are just a small fry you can settle it yourselves even thou you are not gadget savvy. Just wait HTC release the latest firmware and then update your phone.

So, no matter you are iOS user or Android user. Nothing is perfect and enough said... we won't like to have flame war in Android thread because some iOS dudes come and underestimate the Android.

agree abt ur rule of thumb. 
but what is mostly concerning is not androidheads like you, BUT the ppl who are not so tech-savvy.
even the caution message whenever u install an app is so complicated and wordy.
normally ppl just press "OK" or "I Agree".

surely they will just download from the android market bcos naturally, evrybody is assume to be safe.

never in their nightmares cld they imagine the possibility of stolen money or worst, kidnapping by just using a htc android phone. 

rooting doesn't make ur android safer, it is just a remedy to a created problem.
custom ROMs are safe? maybe yes, maybe no.
the point is, since userbase is small and limited to androidheads, the possibilities of detecting a major security issue (even though it is there) is very unlikely.

Just like bank phishing emails.  So many people who are not tech-savvy use Maybank2U.  So many kena con.  Read email, click on link, enter password, *BAM*.

never in their nightmares cld they imagine the possibility of stolen money or worst, kidnapping by just following a maybank2u email. 

It should be mentioned that the htcloggers.apk is only present in the most recent HTC OTAs. So the flagging of the exploit was early in the sense that not much people know about the exploit yet.

The flagging should be hailed more as an act of heroism of the Android developers community than a huge security hole dug by HTC.

Everything else is pretty irrelevant.

I'd like to add something,from what i can see the htcloggers.apk is also present in custom ROMs that are based on HTC's ROM [ARHD etc].On AOSP ROMs like the CM7/XboarderMOD the .apk isn't there.

HTC Public Statement

HTC takes claims related to the security of our products very seriously. In our ongoing investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers' data, there is a vulnerability that could potentially be exploited by a malicious third-party application. A third party malware app exploiting this or any other vulnerability would potentially be acting in violation of civil and criminal laws. So far, we have not learned of any customers being affected in this way and would like to prevent it by making sure all customers are aware of this potential vulnerability.

HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly. During this time, as always, we strongly urge customers to use caution when downloading, using, installing and updating applications from untrusted sources.

I'd like to add something,from what i can see the htcloggers.apk is also present in custom ROMs that are based on HTC's ROM [ARHD etc].On AOSP ROMs like the CM7/XboarderMOD the .apk isn't there.

I'm very sure these devs removed whatever logging apps present. They hate this kind of things. Since the ROM is theirs, there's no reason to report back to HTC the issues.

Just reading the changelog will tell you ARHD removed htcloggers on 21st september.

At times like these, OSes are all prone to something. However, I don't really hear anything about WP7 and Symbian.

As mentioned numerous times, nothing is perfect. But due to open nature of android, security breaches and malware is easy and becoming increasingly common. As long as the manufacturers react quickly, usually it is alright.
The trouble is now, the breach is caused by HTC own software and worst is, those taiwanese is taking their sweet time while htc android users are being threatened everyday! Poor souls.

I afraid someone might spill the beans... 

If he try then we will close this thread as the other thread before this :-)) p/s - maybe put a vacation ticket might not be a bad idea after all ~~lol~~

Lol... mod already closed one of someones thread... What do you think about this?