Shared publicly  - 
 
Since XDA decided to take a public jab at us here http://www.xda-developers.com/android/carriers-take-cover-privacy-notices-start-rolling-out-and-a-note-from-the-portal-admin/, here's our public response:

http://twitter.com/#!/AndroidPolice/status/121706256275738625

http://twitter.com/#!/AndroidPolice/status/121707476885311488

Along with some more @ replies at http://twitter.com/AndroidPolice.

Update: xda or ez or any other members were never part of the discussion - Trevor came to us, and we started working with him and nobody else. Nobody else's name was mentioned to us until today when xda unexpectedly called us out, followed by Trevor amending his original post (which wasn't even posted on xda in the first place) and adding a note about ez's help with contacting HTC. At the time of the writing, Trevor spotted the specific vulnerability we investigated, Trevor came up with all the proof-of-concept code, and Trevor came to us - he was credited properly, end of story. Who BBC or whoever ended up crediting is BBC's and whoever's business. With the new information about ez's involvement with putting Trevor in touch with HTC, I've updated the original article and added him to the credits. Shame on you, xda, for pulling what you pulled today.
11
Stoney BadSeed's profile photoTim Fenton's profile photoJake Weisz's profile photoJulian Seaborn's profile photo
56 comments
 
It was more than adequately sourced. I remember seeing "TrevE from XDA" written more than once in the article. I wonder did egzthunder1 even read the AndroidPolice article that he is criticizing?
 
Case of pot calling the kettle black.
 
I'd like to see what the source has to say. You have to admit...the fact that the first article was published back in August by XDA...it leaves room for question
 
+David Guevara How so? That would imply that both parties are guilty of inadequately sourcing when, in fact, neither party is...
 
The source, TrevE, is in our team chat right now - he's kind of part of the team now. He came to us with the HtcLoggers issue and worked with us for the duration of Saturday. You can ask him - he's on Twitter.
 
Who really cares?!?! Unless u plan on going the Apple route and sue them, lol! B*itching over who gave credit for something is petty. Then its all over Twitter and G+??? Really?!?! Is it that serious?!?! 
 
+Steve Solomon Hey, I agree - but we were called out and asked for a response, so here it is.
 
Petty fighting over an article is kinda retarded... All that matter is the community found it and its going to be addressed by HTC

The only one that matter when getting credit for it is TrevE
 
I think that this is more of an issue of hurt feelings and emotions running out of control than anything else. I really dont see what the problem was TrevE was mentioned numerous times smh.
 
I didn't feel at all like you guys were the ones who released the vulnerability.
They might have over reacted.
 
Meh. I kind of prefer AC. XDA is full of noobs but some of the developers are real assholes. Im pretty sure I saw XDA in the article.
 
As I said on twitter, this seems to be an issue with the source and is not directly related to @AndroidPolice. @xdadevelopers does not wish to cause a rift in the community over this. You sound like you did your part as well as did EZ. *Shake hands, since EZ doesnt can not speak for himself in here, lets just close this before it gets out of hand.
 
BTW, he updated his post and gave credit to EZ for his work in this. "Egzthunder1 (Sorry this was not posted earlier. Egzthunder1 @ xda-developers.com has been working hard to disclose this information to HTC over the past month. When this thread was originally posted, it was locked and intended between me and HTC, on the 30th I just opened it after XDA had first news story here - http://www.xda-developers.com/androi...t-isnt-pretty/ - I did not know this would get this big)" http://infectedrom.com/showthread.php/559-Vunerability-1-Android-Security-Elevation
 
+Steve Solomon i find it funny considering the fact that a week ago +Art Russ was b*tching about ONE Google employee copying his article on G+ but now he agrees its not a big deal. How ironic.
 
Ahhh sorry! I meant AP. I read both since both sites don't cover everything :) but I do visit your site more often, seems to be updated more.
 
Y'all have too similar names!
 
+Ayman Suleiman Are you seriously comparing blatant 100% plagiarism and re-posting our exact words without credit with this?
 
+Samantha S I'll be glad to give EZ whatever credit he deserves, as per TrevE.
 
+Patrick Scott I was referring to xda's lack of sourcing on a lot of posts including their forum. It really doesn't matter now, since HTC is already patching the issue. Everyone will have forgotten about it in a week.
 
this doesnt even make sense, its easy for two people to get the same information without stealing from each other... especially if they have the same original source.. what ez did was unprofessional.. at most contact in private.
 
Even with reporting news its a who did it first. Maybe the BBC people saw it on police first. Doesn't mean thay police took credit for it. If xda was truly the first, then they should of corrected the BBC people about it. So the importance of our privacy suddenly became least important in this story.... xda has got to get off their ducking high horse....
 
Damn auto correct! FUCKIN high horse... HAHA
 
Whatever happened to community. The Android community found this and HTC is fixing it. Heads are getting to big. Ad dollars and amount of clicks is trumping community. I am not taking shots or sides, it just seems like its all over the place. Without XDA, I would know nothing about my phone, and without AP I would not know anything about my next phone. Both play their part. I was asked at work about this security hole, and I said it was found by Android devs that know what they are looking at. We need this Android community to be together. Together we
 
made HTC unlock bootloaders. Things from dev community have actually made it into official builds. Peace it out. Life is to short. Great work by XDA and AP. Your success is my success.
 
I agree about working as a community again, xda is starting to look the iPhone jailbreak "community "
 
Yeah, I hate ducks too... Let's just blame it on BBC and be done with it ;) 
 
Thanks to both articles for bring this issue to light. Be it XDA discovering it and AP making it more widely known. Failure to cite sources or not, the issue that matters, HTC Logging private data, is more important.
 
We have informed BBC. We appreciate +Art Russ cooperation also. The thing I love about Android is the community, and we need to keep focused on that and build on it rather then tear it down. The hard work that goes into developing the Android Platform and finding flaws, as well as the work ALL newswriters play in making issues like the HTC security flaws known, is admirable. Lets not lose track of whats important.
 
+Art Russ I am simply replying to the comment made earlier about not crediting someone and how you agreed that its not a big deal. I have no interest in the squabble you guys have with XDA.
 
+Art Russ XDA regularly posts stories on their portal, citing posts on their site which are made months and months after those things are figured out by other sites and posted elsewhere. They're portal is far worse journalism than anyone else's in that respect.
 
+Richard Martin Are you even reading what I am writing? I said my reply was directly in response to what +Art Russ said about crediting something and how its not a big deal. I didn't say he did or did not credit XDA. I simple thought it was ironic how one minute he was complaining about someone not crediting his work and how the next minute he is agreeing with someone that people shouldn't fight about who credited who. Please read what I write in its entirety before commenting.
 
Regardless what AP did or didn't do, XDA's got no excuse to do a public call out on another major Android site.
 
I'm with AP all the way. Your article is very well cited, I can't see any reason why this is even a problem other than the fact that you got the mass media coverage and XDA didn't.
 
+Samantha S Please read my update at the top of this page and note that I've updated the story with ez's involvement to the best of my understanding.
 
+Art Russ was it the shame on xda part u were wanting me to look at? I was hoping this thing was over by now. All it is was a case of jumping to conclusions, which we are all guilty of sometimes. No needy to be snidely...just fricken move on.
 
@Art,
Well, I guess it is time for me to respond here. I personally don't care much about you linking to xda on this as you did have contact with TrevE (who is the true source of this) as you claim, I am well aware of it. I was originally not going to do anything about it until I saw the article on BBC. It isn't because of "net cred", or because I am sitting in a high horse, or anything of that sort. The author from BBC read the article in the same way I did (I thought it was just me but apparently not, which is why I jumped). The way the article is worded makes it seem that you guys came up with the whole thing. That is why I got pissed.

In hindsight, I must admit that I have over-reacted and probably my addition to my article where I blamed you was unwarranted. Moreover, I should have likely pointed this out via e-mail. For this, I apologize... sometimes rage, too much coffee, and a mildly bad day can take the best of us. On top of that, I wanted to thank you for taking action swiftly and amending the article to show xda's involvement in the matter. As a few people stated above, I never intended to cause a rift between our communities as I know how big AP is for the Android world as well.

Sincerely,

egzthunder1
Portal Administrator @ xda-developers
 
+Ezequiel Gutierrez Zorrilla Thank you for posting. I do wish things went differently today, but either way, apology accepted, let's put this behind us. I hope you can amend your article as well and have a good night!
Add a comment...