[olga421]

The security researcher John Gordon*has discovered a very simple way to bypass the mobile lock feature implemented on smartphones running Android 5.0 and 5.1 (Build LMY48M).

Mechanisms like Password lock, Pattern lock and PIN lock are used by almost every mobile user*to protect his device from unauthorized physical access.

Gordon discovered a vulnerability that could be exploited to unlock an Android smartphone (5.0 build LMY48I) with locked screen. The operation causes the crash of the user interface for the password screen and open the doors of the device.

The vulnerability dubbed as �Elevation of Privilege Vulnerability in Lockscreen� has been coded as*CVE-2015-3860.
Below the steps to unlock the screen by forcing the camera app crash.

Get the device and open the Emergency dialer screen.
Type a long string of numbers or special characters in the input field and copy-n-paste a long string continuously till its limit exhausts.
Now, copy that large string.
Open up the camera app accessible without a lock.
Drag the notification bar and push the settings icon, which will show a prompt for the password.
Now, paste the earlier copied string continuously to the input field of the password, to create an even larger string.
Come back to camera and divert yourself towards clicking pictures or increasing/decreasing the volume button with simultaneously tapping the password input field containing the large string in multiple places........i hope BlackBerry rectifies this on there new phone

Posted via CB10

[Gajja]

The security researcher John Gordon*has discovered a very simple way to bypass the mobile lock feature implemented on smartphones running Android 5.0 and 5.1 (Build LMY48M).

Mechanisms like Password lock, Pattern lock and PIN lock are used by almost every mobile user*to protect his device from unauthorized physical access.

Gordon discovered a vulnerability that could be exploited to unlock an Android smartphone (5.0 build LMY48I) with locked screen. The operation causes the crash of the user interface for the password screen and open the doors of the device.

The vulnerability dubbed as “Elevation of Privilege Vulnerability in Lockscreen” has been coded as*CVE-2015-3860.
Below the steps to unlock the screen by forcing the camera app crash.

Get the device and open the Emergency dialer screen.
Type a long string of numbers or special characters in the input field and copy-n-paste a long string continuously till its limit exhausts.
Now, copy that large string.
Open up the camera app accessible without a lock.
Drag the notification bar and push the settings icon, which will show a prompt for the password.
Now, paste the earlier copied string continuously to the input field of the password, to create an even larger string.
Come back to camera and divert yourself towards clicking pictures or increasing/decreasing the volume button with simultaneously tapping the password input field containing the large string in multiple places........i hope BlackBerry rectifies this on there new phone

Posted via CB10

You are assuming the slider will run straight up Android. Which may not be the case. BB take security and privicy very seriously. We will see what they are offering in terms of the slider soon enough IMHO.

[Uzi]

Great you already know how is the security on unreleased phone?

[olga421]

Very true Gajja I hope your right, I hope they don't get sloppy

Posted via CB10

[TGR1]

The security researcher John Gordon*has discovered a very simple way to bypass the mobile lock feature implemented on smartphones running Android 5.0 and 5.1 (Build LMY48M).

Mechanisms like Password lock, Pattern lock and PIN lock are used by almost every mobile user*to protect his device from unauthorized physical access.

Gordon discovered a vulnerability that could be exploited to unlock an Android smartphone (5.0 build LMY48I) with locked screen. The operation causes the crash of the user interface for the password screen and open the doors of the device.

The vulnerability dubbed as “Elevation of Privilege Vulnerability in Lockscreen” has been coded as*CVE-2015-3860.
Below the steps to unlock the screen by forcing the camera app crash.

Get the device and open the Emergency dialer screen.
Type a long string of numbers or special characters in the input field and copy-n-paste a long string continuously till its limit exhausts.
Now, copy that large string.
Open up the camera app accessible without a lock.
Drag the notification bar and push the settings icon, which will show a prompt for the password.
Now, paste the earlier copied string continuously to the input field of the password, to create an even larger string.
Come back to camera and divert yourself towards clicking pictures or increasing/decreasing the volume button with simultaneously tapping the password input field containing the large string in multiple places........i hope BlackBerry rectifies this on there new phone

Posted via CB10

Can you post a link? I couldn't readily find the source. Thanks.

[howarmat]

i saw this hack yesterday and it was not easy buy any means to pull off. Its been patched already as well.

Here is a link

http://arstechnica.com/security/2015...ocked-devices/