LONDON: A security flaw in Android that lets people bypass the lock screen on a mobile device has been discovered by researchers at the University of Texas.
On certain Android phones running unpatched versions of the OS, inputting hundreds of characters for a password on the device’s lock screen causes the smartphone to throw up the white flag and authenticate a user-no matter the combination of characters you try. Unfortunately the effect of that crash is to drop you onto the phones home screen, thus allowing complete access to the phone. Et voilà, the hacker is given full access to the device, in spite of any previous encryption.
However, for the technique to succeed, John Gordon, security analyst at the University of Texas, said that the camera application was active throughout the procedure. These kinds of threat can be avoided by just switching to PIN or pattern-based lock screen to avoid potential hack and loss of personal data.
The latest Android phone flaw is sheer stupidity. “Double-tap the characters to highlight them and tap the copy button; then, tap once in the field and tap paste, doubling the characters in the field”. Basically it would seem that just by entering a super long string of random characters, one could crash the phone and cause it to unlock. Then go to Settings and wait for the smartphone to request a password.
