Verizon Droid pattern lock bypass
One of the interesting features of Android smart-phones is the pattern lock screen. Instead of a four-digit PIN, the phone is secured with a “pattern” of four to nine dots, arranged in a 3 by 3 square. This results in a possible 3,024 to 362,880 different combinations. Sounds pretty secure, right?
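To put those figures in context, here is an added example (not code from the original post). The post’s 3,024 and 362,880 are the ordered choices of 4 and 9 distinct dots out of 9 (9P4 and 9!). Android’s lock screen also enforces a drawing rule: a stroke may not jump over a dot that has not been visited yet (a dot already in the pattern may be crossed). The script below reproduces the post’s two numbers and then enumerates every pattern under that rule, which gives a per-length breakdown the post does not show; the helper names and the grid encoding are my own.

```python
from math import factorial, perm

GRID = 3             # 3 by 3 square of dots
DOTS = GRID * GRID   # dots are numbered 0..8, row-major


def permutation_counts():
    """The two figures quoted in the post: ordered selections of 4 and of 9
    distinct dots, with no drawing rule applied."""
    return perm(DOTS, 4), factorial(DOTS)


def _between(a, b):
    """Dot lying exactly at the midpoint of the straight stroke a -> b, or None.

    A dot sits in between only when both the row sum and the column sum are
    even (e.g. 0 -> 2 passes over 1, 0 -> 8 passes over 4, 1 -> 7 passes over 4).
    """
    ra, ca = divmod(a, GRID)
    rb, cb = divmod(b, GRID)
    if (ra + rb) % 2 or (ca + cb) % 2:
        return None
    return ((ra + rb) // 2) * GRID + (ca + cb) // 2


def count_patterns(min_len=4, max_len=9):
    """Enumerate every pattern Android accepts and count them by length.

    Rule applied: each dot is used at most once, and a stroke may only cross
    a third dot if that dot has already been visited. 'visited' is a bitmask.
    """
    counts = {n: 0 for n in range(min_len, max_len + 1)}

    def extend(path, visited):
        if len(path) >= min_len:
            counts[len(path)] += 1
        if len(path) == max_len:
            return
        last = path[-1]
        for nxt in range(DOTS):
            if visited & (1 << nxt):
                continue                      # dot already used
            mid = _between(last, nxt)
            if mid is not None and not visited & (1 << mid):
                continue                      # would jump over an unvisited dot
            extend(path + [nxt], visited | (1 << nxt))

    for start in range(DOTS):
        extend([start], 1 << start)
    return counts


def total_patterns():
    """Total number of valid 4..9 dot patterns under the drawing rule."""
    return sum(count_patterns().values())


if __name__ == "__main__":
    p4, p9 = permutation_counts()
    print(f"ordered choices of 4 dots: {p4:>7}   of 9 dots: {p9}")
    for length, n in count_patterns().items():
        print(f"{length}-dot patterns (drawing rule): {n:>7}")
    print(f"total valid patterns: {total_patterns()}  (a 4-digit PIN allows 10000)")
```

The rule prunes some orderings (you cannot start at a corner and go straight to the opposite corner without the centre first) but also admits crossings over already-used dots, so the real pattern space is close to, but not the same as, the simple permutation figures.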
Unfortunately, a problem exists with Verizon’s Motorola Droid that allows a person to easily bypass the phone’s pattern lock screen. The problem, so far, seems to be particular to the Droid’s version 2.0.1 software and has not been seen in any other Android phones, including the (Verizon) Droid Eris. The Nexus One, which uses version 2.1 of the Android software, has not yet been tested for this problem.
Normally, when the phone is locked, an unlock pattern is required to access any applications or data. The exception is incoming calls, in which case the phone can be answered without the need for the unlock pattern.
It has been observed that on other Android phones, if you try to access any applications or data, while the incoming call is in progress, you will be asked for the unlock pattern. However, on the Droid, if you select the “Back” icon during the call you are taken to the “Home” screen without being asked for the unlock pattern.
Once you are at the Droid’s “Home” screen, you have full access to all applications and data for as long as the incoming call is in progress and you do not select the “Home” icon. When the call ends, or you select the “Home” icon, the Droid asks you to enter the unlock pattern.
The following procedure will demonstrate the observed problem on the Droid, and any other Android phones that might also have this problem:
- Enable the pattern lock screen on your Android phone.
- From another phone, call your phone.
- Answer the call, without using the unlock pattern.
- Select the “Back” icon.
As long as the call is “in progress,” and you do not select the “Home” icon, you should have full access to the phone’s applications and data.
Until this problem is fixed, anyone who knows your phone number and has physical access to the phone can have complete access to whatever personal information the phone contains or has access to. With non-smart-phones, this would normally be limited to just contacts, schedule and text messages. But depending upon the kinds of applications you might be using, the privacy breach might also include e-mail messages and financial information, such as credit card and bank account numbers, passwords and PINs.
Thanks to the folks at LA 2600 for testing this on their phones for me.
Update — Further reading…
- Ramifications of smart-phone security problems, Droid or otherwise
- A (temporary) countermeasure for the Verizon Droid pattern lock bypass
- Caveat on Verizon Droid 2.1-update1 OTA update lock pattern fix