We’ve seen plenty of hacks that bypass a phone’s lock screen. While manufacturers are busy trying to fix all the holes, hackers are always continuously looking for new exploits. The latest one is a way to bypass an Android lock screen by crashing the device while the camera app is running.
According to the video, the flaw works on Android 5.x, and was demoed on a Nexus 4 running on Android 5.1.1. All you need to do is just activate the emergency dialler on the lock screen, and key in a string of text (asterisk was used as an example). Highlight and copy the text, and paste it back into the text field. Repeat that for 11 times or so, and copy the string of text to the clipboard again.
After that, go back to the lock screen, and activate the camera shortcut and pull down the notification menu from the top of the screen, then tap the Settings icon, causing a password prompt to appear. In the password field, paste the characters into it, and continue to paste as many times as possible until the UI crash and the soft-buttons at the bottom of the screen disappear (the camera app will expand to full screen). After that, just sit and wait for the camera app to crash, and you will be at the home screen.
Fortunately though, the flaw only works if you use Password as your device lock – it doesn’t work for PIN code or pattern unlock. Google has also patched it through a security update for Google Nexus devices. Although companies like Google have already promised to issue timely security fixes, it’s always a good idea to use a secure way to lock your device, and use apps like Find my iPhone or Android Device Manager to manage and track your device so you can erase them should they get stolen.
(Source: University of Texas via: Engadget)
