The latest Android phone flaw is sheer stupidity.
Locked phones require a passcode. But there's a way to get around that. Just type in an insanely long password. That overloads the computer, which redirects you to the phone's home screen.
It's a time-consuming hack, but it's actually easy to pull off.
In a report published Tuesday, computer security researcher John Gordon documented the vulnerability and posted a video of the hack. It only affects smartphones using the latest version of the Android operating system, Lollipop.
It's basically a game of copy-and-paste.
From the locked screen, open the phone's "Emergency Call" feature. Type a few characters, then copy-and-paste the text repeatedly. The character "string" grows exponentially, so it quickly becomes close to 40,960 characters long.
Then open the phone's camera app and prompt the phone to request a password. Paste the super long character string a few times until the system crashes. (Based on Gordon's video, it looks like 163,840 total characters.)
Wait maybe five minutes, and the phone goes straight to the unlocked home screen.
Gordon warned Google (GOOGL) about the vulnerability back in August, so the company released a patch for the flaw last week. But phones will remain vulnerable until they're updated with the latest software patch.
The patch is already available for Google's own line of phones -- the various Nexus models. But there's no telling when it'll reach Android devices made by Samsung, LG and others. Blame the Android's fractured updating system, which is slowed down by phone manufacturers and cellphone network carriers.
Google has acknowledged the flaw, saying that the hack lets someone who grabs your phone "view contact data, phone logs, SMS messages, and other data that is normally protected."
Content created and supplied by: Mitchelletete_22 (via Opera News )
Opera News is a free to use platform and the views and opinions expressed herein are solely those of the author and do not represent, reflect or express the views of Opera News. Any/all written content and images displayed are provided by the blogger/author, appear herein as submitted by the blogger/author and are unedited by Opera News. Opera News does not consent to nor does it condone the posting of any content that violates the rights (including the copyrights) of any third party, nor content that may malign, inter alia, any religion, ethnic group, organization, gender, company, or individual. Opera News furthermore does not condone the use of our platform for the purposes encouraging/endorsing hate speech, violation of human rights and/or utterances of a defamatory nature. If the content contained herein violates any of your rights, including those of copyright, and/or violates any the above mentioned factors, you are requested to immediately notify us using via the following email address operanews-external(at)opera.com and/or report the article using the available reporting functionality built into our Platform See More