1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Android security flaw lets attackers in using a large password

Discussion in 'Android Phones' started by ireland, Aug 20, 2015.

  1. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,720
    Likes Received:
    13
    Trophy Points:
    68
    Yet another Android app security bug: This time 'everything is affected'

    Yet another potentially serious security flaw has been revealed in Android.

    This time the problem involves the mobile operating system's ability to run more than one app at once – rather than the handling of multimedia messages, which was the crux of a cyber of recent vulnerabilities*.

    The latest security blunder opens the door to a variety of threats, including spying on device owners, stealing login details, installing ransomware, and so on, it is claimed.


    READ MORE

    http://www.theregister.co.uk/2015/08/20/android_multitasking_flaw/
     
  2. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,720
    Likes Received:
    13
    Trophy Points:
    68
    Major Android remote-access vulnerability is now being exploited [Updated]

    Based on anonymized data collected from users of an app designed to check for a newly revealed vulnerability in many Android devices, Check Point discovered that one application in the Google Play store is exploiting the vulnerability to gain a high level of access to the Android OS, bypassing user permissions—and bypassing Google’s security scans of Play applications to do so. Update: A Google spokesperson told Ars that the offending app has been suspended in the Play store.

    http://arstechnica.com/security/201...rstechnica/index+(Ars+Technica+-+All+content)
     
  3. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,720
    Likes Received:
    13
    Trophy Points:
    68
    Last edited by a moderator: Sep 3, 2015
  4. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,720
    Likes Received:
    13
    Trophy Points:
    68
    Android security flaw lets attackers in using a large password

    There have been plenty of security holes involving mobile device lock screens, but a recently discovered Android flaw may give you more reasons than usual to be cautious. The technique bypasses the lock screen on most versions of Android Lollipop by crashing it with any large-enough password -- all you need to do is work with that text while the camera app is open, and then enter it into the password prompt. When the attack works, you have as much access as the hardware's rightful owner.

    The exploit has already been fixed through a security update for Google's Nexus devices, and it doesn't work if you're using either a PIN code or a pattern unlock. The odds that you'll fall prey to this attack aren't high, folks. Even so, there are a few reasons to be concerned. While Android device makers are getting better about timely security fixes, you may be stuck with hardware that either gets its patch late or not at all. And if you're vulnerable, you may have to switch to a more predictable unlock method just to avoid the glitch. While this isn't the end of the world by any stretch, it's not exactly comforting.

    WATCH VIDEO HERE

    http://www.engadget.com/2015/09/16/android-lock-screen-bypass-flaw/

    Upgrade to iOS 9 Now, Your Android Password Is Useless… [Tech News Digest]
    http://www.makeuseof.com/tag/upgrade-ios-android-password-useless-tech-news-digest/

    Here’s why you shouldn’t panic about the Android lock screen hack
    http://www.extremetech.com/mobile/214423-heres-why-you-shouldnt-panic-about-the-android-lock-screen-hack?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+ziffdavis/extremetech+(Extremetech)


     
    Last edited: Sep 17, 2015

Share This Page