Results 1 to 3 of 3

Android Lockscreen Vulnerability

  1. #1
    Banned
    Join Date
    Sep 2015
    Posts
    208

    Default Android Lockscreen Vulnerability

    Securing a mobile phone with a password usually provide a peace of mind. But what if lockscreen with strong password can be bypassed by a hacker? The possibility of accessing our mobile's data can be done freely by cyber criminals.

    I have read a news about the vulnerability discovered on Android 5.1.1 Lollipop. Hackers can actually bypass the lockscreen and gain access on mobile devices. Although Google already issued a patch to fix the problem, hackers can have a field day of exploiting the recently discovered vulnerability on Android products.

    The text field lockscreen type that needs data entry is not safe. The hack needs a text pasted to crash the lockscreen. Entering a long strings of text on the field while the camera is active could crash the phone. Then it is the time for the hacker to attack. University of Texas Security Reasearcher John Gordon posted a video showing a detailed scenario.



    Mobile device users should take three critical steps to protect themselves against the vulnerability, said Xu Xin, chief mobile security expert at 360 Total Security.

    They should keep systems updated with the latest version. They should install antivirus software and keep the virus database updated in real time, periodically scanning their mobile phone. Also, they should close the USB debugging function, he told LinuxInsider.

    Do not stop there, suggested Leon. Users need to find out if their version is affected by going into the Settings screen's About section.

    "If the version matches 5.0 up to 5.1.1 on a non-Nexus device, then they are probably vulnerable. If unsure, they need to check with the manufacturer or carrier to see if a recent patch fixed it, or if there is one coming down the line," he said, noting that the most immediate way to protect themselves is by switching from a password to a PIN or pattern-based lock screen.

  2. #2
    Gold Member webworld's Avatar
    Join Date
    Sep 2015
    Posts
    793

    Default

    That is really scary I think. I also read it on web. But to be safe you can use a PIN, pattern lock or fingerprint instead of a long password. That will work fine to get rid of this issue.

    Even though Google has already introduced a patch to this issue, the confidence level of users might have been shattered. It reemphasizes the fact that anything that can be accessed can be hacked too. Hackers are always on the lookout for any vulnerabilities in the system.

  3. #3
    Banned
    Join Date
    Sep 2015
    Posts
    208

    Default

    Quote Originally Posted by webworld View Post
    That is really scary I think. I also read it on web. But to be safe you can use a PIN, pattern lock or fingerprint instead of a long password. That will work fine to get rid of this issue.
    Yes, you're right @webworld. At this very moment, if your using a Lollipop Android version, the very best thing to do is avoid using a password that enable data entry. Also, take note of the steps that protects the device against cyber criminals. First, the system should always be updated with the latest version, second is to install anti-virus application and keep the virus updated in real-time, lastly close USB Debugging function. Seeking manufacturer assistance with the update on the patch is also adviced.

Similar Threads

  1. Firefox 3.6 critical vulnerability- await update.
    By essbebe in forum Software News, Previews and Reviews
    Replies: 0
    Last Post: 22nd February 2010, 10:27 PM
  2. BSOD after patching 17 year old MS windows vulnerability
    By meetdilip in forum Software News, Previews and Reviews
    Replies: 0
    Last Post: 13th February 2010, 03:14 PM
  3. Microsoft set to patch 17 year old vulnerability
    By meetdilip in forum Software News, Previews and Reviews
    Replies: 1
    Last Post: 5th February 2010, 07:12 PM
  4. Online Vulnerability Checker - A MUST
    By hitesh.07 in forum Computer Security
    Replies: 1
    Last Post: 29th November 2008, 08:47 AM
  5. Cisco VoIP Vulnerability Rated A 10
    By Admin in forum Voice over IP
    Replies: 0
    Last Post: 16th July 2006, 11:48 PM