Wednesday, September 16, 2015
Android 5 phones (other than Lollipop) - (Lock-screen) Password can be easily bypassed by typing any long string.
This is plain and simple failure in app testing.
However, it has been fixed so go ahead and upgrade.
From the article:
Unless they've been fully patched to version 5.1.1 including last week's security updates.
Yes, by typing in too many characters, you can kill off the security mechanism and gain full access to the device, even if its filesystem is encrypted – miscreants can exploit this to run any application, or enable and developer access to the device.
The attack only works if the gadget has a lock-screen password set, the researchers note: the attack doesn't work against pattern or PIN setups.
For more info:
http://www.theregister.co.uk/2015/09/16/google_patches_android_lockscreen_bypass_nexus/
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment