But now there’s a way around this – at least if you have a phone with Android version 5 on it. The worst thing: it is really easy and even people with no skill whatsoever in hacking can use the exploit easily. The good news: The attacker must have physical access to the device and the device he wants to hack must be secured by via a password. Not a PIN or pattern.
So how is the deed done? All one has to know is how to copy & paste. Really, it’s THAT easy. Ridiculous, right? When you are on the lockscreen just open the Emergency Call feature of the phone you want to access. From there on it’s only copy & paste, according to the report of the University of Texas:
“Type a few characters, e.g. 10 asterisks. Double-tap the characters to highlight them and tap the copy button. Then tap once in the field and tap paste, doubling the characters in the field. Repeat this process of highlight all, copy, and paste until the field is so long that double-tapping no longer highlights the field. This usually occcurs after 11 or so repetitions.“
„Go back to the lockscreen, then swipe left to open the camera. Swipe to pull the notification drawer down from the top of the screen, then tap the Settings (gear) icon in the top right. This will cause a password prompt to appear.“
Now you only have to paste the characters into the password field until it crashes – the camera will then bump you to the home screen.
Take a look at the whole procedure in the video below.
Google already patched the flaw, but as usual it might take a while until it reaches your Android phone. So just make sure that you don’t leave your phone unattended if you use the password lock option.