Bypassing the Android pattern lock
By Tim Brown
At the back end of last year I got a Sony Ericsson X10 only to discover that it was still running Android 1.6. This didn't bother me too much at the time as it had all the features I was after (web, SMS and voice) and I left it as it was. Recently, however, I've been getting into Android security, inspired first by Nils' talk at CRESTCon and more recently by some for a client. Anyway, throughout this time, I became aware of an issue that affects the X10. It seems that it is possible to bypass the pattern lock and gain access to data on a locked device. So how is this possible? Take a look at the following:
Although the movie is a little jerky, it shows the steps: from a locked phone, access the Emergency Dialler function and then hit the back button. On the X10, this opens a small window of opportunity in which the unlocked screen can be manipulated (typically long enough to click on one icon) before the phone returns to a locked state. Normally a discovery like this would warrant an advisory, but having contacted Google on the 7th, they responded to say that they couldn't reproduce it on other Android 1.6 devices (Nexus 1). Whilst they did forward it on to Sony Ericsson, no response was forthcoming. In the light of this and given Sony's previous attitude to security research, I notified Google today of my intention to publish at my own discretion.