Android 5.0 smartphones are in danger of being hacked via a bug that allows intruders to override the lock screen security manually.
For Android 5.0 users who use a password to activate the lock screen security, there has been a new hack discovered that can give other people the ability to open smartphones running on version 5.0 to 5.1 by just typing in random characters. According to Wired, a University of Texas security analyst named John Gordon found out about this flaw while he was on a long road trip to East Texas.
According to the report, Gordon outlined how the hack can be done. He first accessed the phone's emergency call dialer then punched in random characters until the limit is maxed out. He copied the string of characters on the clipboard then continuously pressed the camera's shutter icon until a prompt comes up asking for a password. He then pastes the characters then the home screen magically appeared like the owner himself typed in the right password.
Gordon then expressed concern over the potential problems the bug can cause saying, "My concern when I found this was thinking about a malicious state actor or someone else with temporary access to your phone. If, say, you give your phone to a TSA agent during extended screening, they could take something from it or plant something on it without you knowing."
Meanwhile, in a post by ARS Technica, the bug was already reported by Gordon to Google and a patch has been released last week for the Nexus 4, 5, 6, 7, 9 and 10. However, it takes time for Android users to get an update for their phones with some not receiving one for a year or two. It is a good thing though that only the version 5.0 is affected and users can easily switch their password security for the lock screen into pattern-based or PIN which are not susceptible to such a hack.
