PDA

View Full Version : Safer computing - 21/9/15


Wally
22nd September 2015, 04:31 PM
Better late than never..

B U L L E T I N (ID: HKRI-A2KJQE)

A security flaw in Android that lets people bypass the lock screen on a mobile device has been discovered by researchers at the University of Texas.

To bypass the lock-screen an attacker has to have physical access to your device, and the device needs to be set to lock with an abnormally long password -not a PIN or pattern.

The bug only affects devices running Android 5.x (before build LMY48M); Android 4.4 is also affected, but Google said the home-screen cannot be accessed on 4.4.

The exploit works by entering an extremely long string of characters into the password field while the camera is open, which causes the device to crash back to the home screen

After crashing the lock screen, the researchers were able to access the phone's data and apps. The vulnerability could not be exploited if people had chosen a lock pattern or Pin code instead of a password.

Google issued a patch for its Nexus devices on Wednesday. While Google is rolling out its fix for Nexus, other phone manufacturers are responsible for distributing the software to their own handsets.