Android Vulnerability Allows Lock Screen Bypass

A vulnerability exists in certain Android operating systems, which would be the versions 5.0 through 5.1.1. This permits an assailant to go around or crash the lock screen and achieve full entrance to a locked device even if encryption is supported. By deploying an adequately hefty string in the secret code field when the camera app is active, an 'enemy' is able to subvert the lock screen initiating it to crash to the home screen.

At the moment, haphazard applications can be run or such entry can be established to achieve full access to the device and expose any information enclosed therein. The University of Texas has uncovered this proneness and conveyed to the Android security group back in June with an update that repairs the trick, appearing this month.

The attack depends on the enemy partaking physical access to the device and the manipulator -- having a watchword set. The forced action itself includes inflowing a hefty string of typescripts into the password area whereas the camera app is dynamic. By exploiting this, the invader is able to crack the lock screen and gain access to the home screen. At this time, the device is wide open and the enemy has full entry to device, even with the encryption enabled.

A blog has been made by the University of Texas to showcase such vulnerability with a step by step guide about it with a video for concept proof. For the Android population who are yet to obtain the fix or the update, the workaround is to use a pin-based or pattern-based lock screen, which are not predisposed to this spell.

As many consumers have witnessed over the past years, existing lock screen settings are nothing new between and among the mobile communities, not to mention the iOS misery from a few outbreaks.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics