Hacking an Android phone can be as simple as typing in a really long password

Android 5.0 “Lollipop,” the latest version of the Android phone operating system, is vulnerable to a simple hack that involves typing in a password so long that it causes the phone to crash before then booting to the unlocked home screen.

The vulnerability, discovered by John Gordon, is easy to exploit: simply open the phone’s “Emergency Call” feature, type a few characters and the repeatedly copy-and-paste them. The pasted text becomes longer and longer — Gordon’s reaches over 160,000 characters — and, as such, harder for the phone to handle.

Next, open the camera app which causes the phone to ask for a password into which the 160,000 character string is pasted. After a few minutes the phone restarts, booting straight to the unlocked home screen.

Gordon told CNN Money that he informed Google in August and the company has released a patch, but many users could remain affected due to the lag in Android software updates.

This hack is the latest in a long line of vulnerabilities that appear in major operating systems, including a text message hack that affected Android which was discovered in July and a malware hack that affects iOS discovered in September.

Source:http://www.businessinsider.com.au/android-50-password-hack-2015-9

. . . . . . . .

Leave a Reply