For their method, the researchers abuse of a bug in the password field.
If there is a very long password stuck in while the camera is running, crashing the phone and the home screen is displayed. Then take control of the phone can be taken over completely
The bug does not affect people who use a PIN or pattern ontgrendelmethode
.. <- block: | video starts -> <- block | video end ->
It takes several minutes to abuse of the leak, because a longer and longer sequence of characters to be copied and pasted into the password field. In a video demonstration, the researchers from the University of Texas how that works.
All devices with Android 5.0 and 5.1 are vulnerable. Only in the last security update, which was sent recently to Nexus phones, the error is corrected
No comments:
Post a Comment