We want to bring to your attention that if you are an android user running Lollipop that rely on a password instead of a Personal Identification Number (PIN), fingerprint or pattern lock to protect your device, then, you have to consider switching to other security measures because you are not save at all.
Technology researchers at the University of Texas in Austin, United States have found an incredibly easy way to crash the lock screen of the device and gain access to it without wasting time.
According to Tech Spot, the vulnerability in Android Lollipop 5.0 through 5.1.1 (before build LMY48M), requires an attacker to have physical access to the device that is using a password as its security measure.
In this demonstration video below, what the attack needs to do is to open the emergency call window, enter many characters (such as asterisks), then copy and paste the string repeatedly until it is very long enough.
The attacker will then heads back to the lock screen and swipe left to open the camera and then swipe to open the notification drawer and tap the settings icon. This will automatically load a password prompt for the attacker.
From there, it is just a matter for the attacker to paste the character string as many times as possible. This will crash the User Interface of the device. After that the attacker will have access to what you think you have secured.
Therefore, it is simply advisable to avoid using a password on the lock screen and instead, rely on a PIN, fingerprint or pattern lock.
In June this year, researchers were said to have privately reported the vulnerability to Google’s Android security team. In July 1, the vulnerability was confirmed and assigned a low severity rating which was bumped up to moderate a couple of weeks later.
Recently also, all of Google’s official Android 5.x releases for its Nexus line of devices (Nexus 4, 5, 7, 9 and 10) were plagued by a memory leak issue. The Android 5.1.1 build LMY48M was released on September 9 and contains a fix for Nexus devices.
You want to support Anonymous Independent & Investigative News? Please, follow us on Twitter: Follow @AnonymousNewsHQ
This Article (Android 5.x Lock Screen Can Be Unlocked Using Long Password [Video]) is free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.com