Droid security flaw disclosed – don’t push the “Back” button

Jan 11, 2010
0

The iPhone’s software has been on the receiving end of many security flaw jokes, but now the Droid’s Android 2.0.1 (only this version) has developed its own glaringly open flaw that allows anyone to easily bypass your dutiful password screen with the mere touch of a button.

As standard procedure, Droid users must input a “password” pattern utilizing on-screen dots, and the “password” confirmed before they can access their homescreen and phone functions.  What’s been just found is that when the phone is receiving an incoming call, all someone has to do is tap the Back button after accepting an incoming call and an unfortunate voilà, he /she has God-mode access to you emails, contact lists – umm...basically your entire phone, that is.

Google seems to be “aware of the issue” and is working on a fix, but has not announced any timetable for just how long they’ll be able to fix this problem.  Of course, in the meantime, just hope Aunt Marie doesn't call when your phone is out of your hands.


Must Read Bits & Bytes