Android Lock defeated by ‘back’ button

Attention Droid owners, Android OS version 2.0.1 has a flaw that makes it possible to bypass the phone’s screen-lock security mechanism. The security feature requires users to input a particular pattern using the onscreen dots before they can access most of the phone’s features.

Utilizing the bug is fairly simple: while receiving an incoming call on a Droid that has its Lock screen activated, you simply hit the ‘Back’ button to bypass the lock and access the homescreen; giving access to Email account, cookied web pages, phone directory, and everything else stored on your phone.

So far this only affects the Android version 2.0.1 on the Droid, there are no details about the Milestone yet.   Google has released this statement about the problem:

“We are aware of the issue and we’re working to deliver a fix to Motorola Droids shortly.”

So Droid users – be patient and keep your phones close.  If you are still worried, you can download the Lock 2.0, it’s an alternate lock screen for your Android.  The silver lining is that the phone goes back to being locked as soon as the incoming call ends.

Source: Techcrunch


Posted in: Uncategorized

2 Comments

  1. Jason says:

    Geir Ove, If you honestly think that this accidental flaw is what you can expect from Android, then perhaps you shouldn’t be using it.

    I know of a least 4 ways to lock my phone and worse case scenario if you don’t know how, just hit the home button. I doubt your pocket will be able to click the call button then the end button.

    And how exactly is data accidentally entered by a wrong entry? Are you saying “if I accidentally hit ‘t’ then all of a sudden there’s a ‘t’?” C’mon.

  2. Geir Ove says:

    Hello,

    This bug is also on the HTC Desire with android 2.1. I think it is nothing short of PATHETIC to release something like this. Is this what we can expect of the linux based android?

    Sorry, I like my phone, but there are far too many impractical things. E.g. Receicing a phone call, want to put the phone in my pocket when using my Bluetooth handset. But there is no way to LOCK the screen by a simple key press to avoid accidental hangup.

    There is also way too many places where data may be accidently entered or lost by a wrong entry.

Leave a Comment