Lollipop’s troubles have been made very visible by the tech media to the national media. In the second case, it was with Android 5.0’s Stagefright vulnerabilities that led to the pouring of vows to step up security updates. And while the move to Marshmallow is ongoing and might bring a whole new slew of scrutinizing eyes to the Android platform, some phones will have the dubious honor of carrying Lollipop as their mature version of the OS. That makes this security hole a must to watch for.

Phones running 5.0-5.1.1 which have not been recently updated with the “LMY48M” 5.1.1 revision and have a password-secured lock screen are at risk for a trick which obviates the password. The process takes about 10 minutes and undivided attention on the phone:

  1. The hacker turns on the phone and prompts the emergency call dialer.
  2. The hacker then prepares an extremely large string of characters which will then be copied to the Android clipboard.
  3. The hacker then enters the camera from the lock screen and accesses the options menu which triggers a password prompt (supposedly, you can also enter into the gallery which will do the same).
  4. The hacker pastes and enters the string of characters.

And with some chugging, the phone unlocks, providing the hacker to all the data inside of it.

If you have a phone that falls into that above subset of circumstances, the best advice we can give is to switch over to a PIN or pattern lock, both of which seem unaffected by the bug.

Source: jgor null (YouTube), Ars Technica
Via: XDA-developers




Jules Wang is News Editor for Pocketnow and one of the hosts of the Pocketnow Weekly Podcast. He came onto the team in 2014 as an intern editing and producing videos and the podcast while he was studying journalism at Emerson College. He graduated the year after and entered into his current position at Pocketnow, full-time.

You May Also Like
Apple’s latest 2021 10.2-inch iPad and more are on sale
Check out the latest deals on Apple’s ninth-generation iPad and more iPad models that are currently on sale
iPhone 13 lineup launch september
iPhone 13’s rumored satellite communication feature will be limited to ‘select markets’
Bloomberg’s Mark Gurman that even if Apple launches the iPhone 13 series with LEO satellite communication feature, it would be available in select markets.
whatsapp featured image
WhatsApp to introduce end-to-end encrypted cloud backups on Android and iPhone soon
WhatsApp is continuously working to add more and more features to the…