Trying to hack an Android? Just keep typing random letters

Gigaset Android phones
Andy Boxall/Digital Trends
To the average, untrained, movie-watching layman, the process of hacking into a phone or computer system may just seem like a lot of rapid and random typing, with hopes of accidentally cracking some secret code. Unfortunately, when it comes to the Android Lollipop operating system, that’s actually all it takes to bypass the lockscreen — just keep entering random letters, and eventually, you’ll overload the phone and proudly label yourself a successful cellphone hacker.

“By manipulating a sufficiently large string in the password field when the camera app is active, ” John Gordon of the University of Texas at Austin said, “An attacker is able to destabilize the lockscreen, causing it to crash to the home screen.” Yikes.

This rather alarming vulnerability, recently discovered by researchers at the University of Texas in Austin, is said to affect around 21 percent of phones, but only those running Lollipop, and only those with a text password. Users who employed PINs or pattern locks did not face the same issue (though these sorts of passwords certainly come with issues of their own).

Gordon told Slate that he discovered the vulnerability by complete accident while playing with his phone during a lengthy road trip. “I’m sitting in the passenger seat, bored, with no signal on my phone, so I start poking around and seeing what unexpected behavior I can cause,” he said. “A few idle hours of tapping every conceivable combination of elements on the screen can do wonders for finding bugs.”

Happily, Google has already rolled out a patch for affected devices, including the Nexus 4, 5, 6, 7, 9, and 10. Still, other phone makers will need to distribute the appropriate software to their own devices to ensure a complete fix to the issue.

The problem, while not particularly widespread, certainly seems like a significant cause for concern, as one would hope that today’s phones are sophisticated enough to withstand “attacks” that are little more than a system overload generated by, well, lots of letters. After hacking into the phones, researchers at UT were able to access everything available on them, including data, applications, photos, and more.

Of course, the hackers would need to have physical access to your phone in order to do any damage, and you could avoid the situation altogether by simply implementing a PIN or pattern to protect your phone, but still, this latest revelation doesn’t exactly inspire faith in the software.

That being said, ExtremeTech points out that there really isn’t anything to worry about, and that such vulnerabilities are discovered and subsequently addressed relatively frequently. As Ryan Whitwam writes, “This is how software patches work when handled responsibly — an issue is reported, a patch is issued, and the method is disclosed. There’s nothing unusual about this flaw, and there aren’t millions of phones out there with broken lock screens. Don’t believe the hype.”


Zombieload forces a choice between performance and security. What will you do?

Intel has handled the recent discovery of a security vulnerability in its CPUs with confidence, a contrast to its reaction to Spectre and Meltdown. But with ZombieLoad, performance and security seem to be at odds, and you have to choose.
Social Media

Millions of Instagram influencers reportedly had private data exposed online

As many as 49 million Instagram influencers have reportedly had their private data exposed in an online database that had no password protection. The database was apparently created by a marketing firm and has been taken offline.

Some Pixel 3a owners say their new phone is randomly shutting down

Some owners of Google's new Pixel 3a and Pixel 3a XL smartphones are complaining that their devices are randomly shutting down. The mid-range handsets hit the market just two weeks ago.

Google recalls Titan Security Key due to hijack risk

Google is offering a free replacement for the Bluetooth Low Energy version of the Titan Security Key. A misconfiguration was discovered in the device, though hackers looking to exploit the vulnerability will find it difficult to do so.

Motorola One Vision vs. Nokia 7.1: Which is the best budget phone for you?

If you're trying to decide whether the Motorola One Vision or the Nokia 7.1 would be a better buy, then we've got you covered with this comparison. Find out exactly what sets these Android phones apart and which is best for you.

Samsung adds One UI and battery boosts to Galaxy Watch and Gear smartwatches

Samsung has updated software for its Galaxy Watch, Gear Sport, and Gear S3 watches to implement its updated and simplified One UI interface. The update also offers new watch faces, battery life improvements, and health and fitness features.

Realme starts selling phones in the U.K., and its low prices aren’t fiction

Realme, a Chinese smartphone manufacturer from the same group as OnePlus, Vivo, and Oppo, has launched its first device in the U.K. and Europe. The Realme 3 Pro is a competitively priced phone with an impressive specification.

The best OnePlus 7 Pro cases to keep your OnePlus in one piece

The OnePlus 7 Pro is OnePlus's latest flagship killer, and it's an incredible phone. But it's expensive, and it's not going to protect itself. Get solid protection in the style you want with the best OnePlus 7 Pro cases.

The Samsung Galaxy Tab S4, the best Android tablet in the game, is now $152 off

Apple dominates the tablet market, but others are catching up: The Samsung Galaxy Tab S4, our favorite Android tablet, proves that these devices have what it takes to compete with the iPad Pro -- and it's on sale right now for just $498.

Here are some common Kindle Fire problems, and how to fix them

Is your Amazon tablet giving you grief? Is it refusing to behave the way you expect? Take a deep breath -- everything will be fine. Here are some widely reported Kindle Fire problems and a few possible solutions to go with them.
Digital Trends Live

Digital Trends Live: Google and Huawei, Alphabet’s meatball drones, and more

On Monday's episode of DT Live, we discuss the ongoing battle between Google and Huawei, Alphabet’s meatball-delivering drones, Facebook’s secret robot division, deepfake Joe Rogan, and more.

The Commerce Department implements a temporary reprieve to Huawei

Google has severed most of its partnerships with Huawei, after its addition to the "Entity List" of the U.S. Department of Commerce. Future Huawei devices will lose access to the Google Play Store, Chrome, and Android updates.

Here's our first look at the Galaxy Note 10's centered selfie camera

The Samsung Galaxy S10 range was only just revealed, but Samsung is already working on the next big release. Not much is known about the Samsung Galaxy Note 10 just yet, but we do have a few details.

OnePlus 7 Pro vs. Samsung Galaxy S10 Plus: Which Android powerhouse is for you?

If you're after a real powerhouse of a smartphone, then you've probably considered the Samsung Galaxy S10 Plus. But you could save yourself some cash by opting for the OnePlus 7 Pro. Find out what sets these phones apart in our comparison.