This isn’t news to miss. All users of smartphones operated by Android Lollipop should be aware that they’re at risk due to a recently discovered security flaw.
Basically, any user that protects their Android Lollipop-run smartphone with a password screen are at risk of being easily hacked. The security flaw with Android Lollipop was discovered by security researchers with the University of Texas, Austin and demonstrated on a Nexus 4 smartphone.
When protecting the lock screen with a pin or a security pattern the same issue didn’t same to pose trouble. Yet, when the first thing that’s prompted in front of a potential attack on an Android Lollipop phone is a lock screen requesting the user’s password, this can easily be broken.
According to the researchers, it’s in fact a piece of cake. Simply typing or entering a large string of characters or text in the password field will cause the lock screen to collapse, allowing access to all the functions of the device as the hacker pleases.
However, for the technique to succeed, John Gordon, security analyst at the University of Texas, said that the camera application was active throughout the procedure. Copying a large string of characters while the camera was active led to the crashing of the lock screen and a successful return to the home screen.
“Type a few characters [in the emergency call screen], e.g. 10 asterisks. Double-tap the characters to highlight them and tap the copy button. Then tap once in the field and tap paste, doubling the characters in the field. Repeat this process of highlight all, copy, and paste until the field is so long that double-tapping no longer highlights the field. This usually occurs after 11 or so repetitions.”
Sure, it might sound like a lot of work. In addition, the alleged hacker would have to gain access to your phone and be in possession of it for quite a while. The thing is that if these conditions are met, then the unlocking an Android Lollipop-run smartphone could be ea easy as a walk in the park.
Google was of course informed of the security flaw discovered at the University of Texas, Austin. And according to official statements, a security patch was already issued.
Photo Credits: latinpost.com