January 11, 2010

1233226091686

Android OS version 2.0.1, which all up-to-date Droids are running, has a bug that makes it fairly easy to bypass the phone’s screen-lock security mechanism. The security feature, when working, requires users to input a pattern using onscreen dots before they can access most of the phone’s features (the iPhone offers a similar option).

Exploiting the bug is fairly simple: while receiving an incoming call on a Droid that has its Lock screen activated, you can simply hit the dedicated ‘Back’ button to bypass the lock and jump to the homescreen. This, of course, gives access to the owner’s Email account, cookied web pages, phone directory, and everything else stored on the phone. You can take a tiny bit of solace in the fact that the thief would have to know your phone number or wait for someone to call your phone to exploit the bug, but that’s not particularly reassuring. The issue was first reported earlier today by The Assurer, which says that it is apparently only affecting Android version 2.0.1 on the Droid.

Google about the issue, and a Google spokesperson gave us the following statement:

“We are aware of the issue and we’re working to deliver a fix to Motorola Droids shortly.”

Android 2.0.1, droid, google, Lock Screen, Motorola, security, Verizon, loophole, security breach, droid 2.0.1 update problems, issues, unlock seen lock

Tagged
Different Themes
Written by Adam

Hotmobilebuzz.

1 comment:

  1. Is it just me, or is orientation switching a lot more stable and responsive with this update? With 2.0, I had gotten into the habit of flicking the phone forward and tilting it back to get it to recognize the change in orientation from portrait to landscape and vice-versa; after applying the update, I haven't had to do that at all. Nothing about that is listed in the updated features, though…

    ReplyDelete