Very severe Android 5.0+ lock screen bug found

[Master Disaster]

Users of Cyanogenmod have reported a bug with Android 5.0, 5.01 & 5.02. Initially it was suspected to be a Cyanogen specific issue but they've confirmed it also exists in the stock images.

Basically certain applications (QQ Browser is the only one listed so far) allow a user to completely bypass the lock screen when it's setup to use a swipe pattern with a very simple button press routine.

The Cyanogen team are advising all Android 5 users to uninstall QQ Browser for now, they expect the patch in the next nightly however that's only for Cyanogenmod users, stock users will have to wait for Google to.patch it.

Source - http://www.androidheadlines.com/2015/03/lock-screen-bug-plaguing-android-5-0-and-later-devices.html

[brownninja97]

wow thats just, wow.

 

thanks obama

[Altecice]

So its only if you use CM with a specific app? So it wont effect that many people and this title is clickbate. A major bug would be bypassing without any other app imo.

[Master Disaster]

So its only if you use CM with a specific app? So it wont effect that many people and this title is clickbate. A major bug would be bypassing without any other app imo.

No, it was reported by Cyanogen users but the Cyanogen team have confirmed its present in all android images including the stock one so it effects everyone using Android 5.

The bug report lists QQ Browser and other apps so its not just one app, in fact no one really knows how bad it really is right now though I'm sure there's users trying every possible app to find out.

[Sauron]

I guess I'll stay away from QQ and hope google gets their s**t together.

[Nineshadow]

It's not a very severe bug by any means. 

It's a small thing they forgot to add in, and the app's developers are also at some fault.

 

Anyway, knock code FTW.

[Guest]

Only one app?....

Really?

Hardly news.

[Cheeky Leo]

Did anyone notice the 4:04 time on the screen? Pretty funny in context with the bug. 

[popman]

It's not a very severe bug by any means. 

It's a small thing they forgot to add in, and the app's developers are also at some fault.

 

Anyway, knock code FTW.

Sure, the bug is caused by the app developers, but getting past the lock screen on android like that shouldn't be possible with any application. (or else, malicious apps could sick a backdoor in every phone they're installed on)

 

Kind of like saying it's purely a frontend web dev's fault that some php injection can return an arbitrary user's password after a failed login. Sure, that's a terrible bug in the authentication code, but actual passwords shouldn't be anywhere on the server. Ever.

[Yummychickenblue]

QQ Browser? I love that browser! That makes me QQ

 

I'm sorry.

[Guest]

'very severe'

[Memphaestus]

So you're telling me some random crap Chinese browser triggers a bug if you have CM and this browser installed at the same time?  That sounds like a horribly debilitating bug that is going to be THE END OF ANDROID!!!! 

 

Seems to me that everyone is trying their damndest to find any flaw whatsoever in Lollipop, and there seems to not be many. First the select few Nexus 5's on a specific provider bug, and now this.  Yes there will be a couple minor, hardly noticeable bugs to 99.9% of user base (I've never even heard of QQ Browser), but come on, this is stretching it a little don't you think?  Especially calling it "Very Severe".  Probably Iphone users.  :rolleyes:

 

These sensationalist, clickbait titles need to stop. 

[Kinda Bottlenecked]

So you're telling me some random crap Chinese browser triggers a bug if you have CM and this browser installed at the same time?  That sounds like a horribly debilitating bug that is going to be THE END OF ANDROID!!!! 

 

Seems to me that everyone is trying their damndest to find any flaw whatsoever in Lollipop, and there seems to not be many. First the select few Nexus 5's on a specific provider bug, and now this.  Yes there will be a couple minor, hardly noticeable bugs to 99.9% of user base (I've never even heard of QQ Browser), but come on, this is stretching it a little don't you think?  Especially calling it "Very Severe".  Probably Iphone users.  :rolleyes:

 

These sensationalist, clickbait titles need to stop. 

 

Well... Getting past the lock screen is a problem. 

I'm guessing the chinese people from china use this browser. China has probably 160 Million active android users. (According to this report https://www.techinasia.com/china-active-android-ios-users-2012/)

I think this is quite big enough of a user base for it to be a known problem. 

[LifesCompanion]

wow thats just, wow.

 

thanks obama

 

Obama Care might be to blame, who knows???

 

 

 

 

 

 

 

No, I'm not serious - I'm not a Fox new anchor (read, retard) 

[Memphaestus]

Well... Getting past the lock screen is a problem.

I'm guessing the chinese people from china use this browser. China has probably 160 Million active android users. (According to this report https://www.techinasia.com/china-active-android-ios-users-2012/)

I think this is quite big enough of a user base for it to be a known problem.

160 million android users, but according to the QQ Browser app, only a little more than 1 million have even downloaded it. Cross section that with how many of those people also have cyanogen mod, and subtract the people that don't use the browser app anymore, or have since switched to a non Android phone. I'd say it probably doesn't even affect that many people in the grand scheme of things. And definitely not enough to warrant an immediate update from Google.