Slashdot Mirror

← Back to Stories (view on slashdot.org)

Android Lollipop Can Be Hacked With Very Long Password

Posted by timothy on from the ipso-facto-presto dept.

Complex passwords are the way to beat some attacks, but for phones running the latest version of Android, that's not necessarily so: puddingebola writes with an excerpt from an article at CNN: Locked phones require a passcode. But there's a way to get around that. Just type in an insanely long password. That overloads the computer, which redirects you to the phone's home screen. It's a time-consuming hack, but it's actually easy to pull off. In a report published Tuesday, computer security researcher John Gordon documented the vulnerability and posted a video of the hack. It only affects smartphones using the latest version of the Android operating system, Lollipop.

4 of 170 comments (clear)

  1. Article is bullshit by bluefoxlucid · · Score: 5, Funny

    That's impossible. It's Java! Java can't have security holes! Everyone knows you don't write C because C has buffer overflows and can cause security problems when you paste in very long strings, and that NEVER happens with Java! Java is perfect! Everything you write in Java is perfectly secure! Ask any Java programmer!

    --
    Support my political activism on Patreon.
  2. Re:And it has been fixed by Anonymous Coward · · Score: 2, Funny

    The hack works for extremely large thumbs.

  3. Exploit exists on iPhone 5 as well... by Anonymous Coward · · Score: 0, Funny

    Confirmed :: this exploit exists in an iPhone 5 with firmware version 3.11.2b.

    I set my iPhone's password to 56 i's (just to test), and entering that password unlocks the phone.

  4. Re:Speaking of OLD by jason.sweet · · Score: 3, Funny

    Maybe you could put your phone down, and make my fucking burger.