You must log in or register to comment.

random125184 t1_iw77gsu wrote

Reported in June. Not fixed until November. Holy shit. This is huge. Why is no one else talking about this?


masterhogbographer t1_iw7df4k wrote

Because it isn’t apple.

And I say that with zero intention on trying to start a flame war.

I say that because due to various reasons whenever apple has a flaw like this everyone knows about it very quickly after reported. And by everyone, I mean everyone.

There was a hands on device vulnerability in iOS last year or the year before, that my wife asked me about wondering if she needed to upgrade iOS asap. She is not tech savvy and I’m the only one in her life that is.

The inverse is, when there’s a similar exploit for non-apple devices, even people in the field can miss it. A friend of mine is a decent techie. Works in IT, and one of their specialities at the company he works for is security.

But the last few vulns for android that have popped up, I’ve been the one notifying him — he an android user and apple hater, me somewhat agnostic — of those vulnerabilities. Meanwhile, he texts me the instant there’s public word of an iOS or MacOS exploit lmao (not even joking, his hated is not healthy imo, but I guess tribalism is society these days…)

The sad part is, if this was apple, after just an hour this post would be front page back in June. And then there would be reposts of the same blog articles across dozens of subs that also would have been top of their sub with hundreds of comments and every month since June there’d have been more articles bubbling to the top with titles like “how hasn’t apple fixed this yet?” Or “Tim cook should resign in face of deflategate” wait that’s another thing entirely


RejZoR t1_iw7h9hz wrote

Thing with iPhones is, you know if you're affected or not. I've recently returned to Android and I have no clue if my Poco is affected or not. And knowing Xiaomi, it's either not affected because it's so modified or it is affected and won't be fixed even months after Google fixes it in AOSP repository.


[deleted] t1_iw7kf63 wrote



RejZoR t1_iw8gm8y wrote

Just out of curiosity if anything has improved. It mostly hasn't. Have plans to buy Galaxy S23 if it'll be any good, but couldn't wait for that long.


Informal-Lead-4324 t1_iw7qhp6 wrote

Why is Apple so good?

I'm saying this as someone who thoroughly enjoyed the iPhone 3, 3g, and iPhone 4.


[deleted] t1_iw7rzkr wrote



Informal-Lead-4324 t1_iw7tfv8 wrote

What software is better on it?

And wym implementation

The only time I've delat with Apple support, it's been the phone(battery )breaking and them telling me to buy a new device lol. Fortunately they got sued for It I think


[deleted] t1_iw7w044 wrote



JazzioDadio t1_iw8gadf wrote

It's nitpicky but for the sake of accuracy it should be said that Google's Pixel phones have held the crown of best camera processing software for some time now.

With Apple's new(ish) custom silicon I'd agree that their implementation of certain features is still top notch, but they'll have to work to keep that lead.


terraherts t1_iw8m8dn wrote

Completely disagree on software.

Speaking as someone who owns an Android phone (Pixel), an iPad, a Windows PC, a macbook pro, and uses Linux for work, so I use a bit of everything.

They get a lot of low-level software stuff right, certainly, especially for a company that's making a lot of bespoke proprietary hardware. But their frontend and first party stuff is... not great.

iOS's notification system is still leagues behind Android, and I find the less I use Apple's first party software on macOS the better. "Ecosystem integrations" like sidecar are so unreliable that I've given up trying to use them, Stage Manager are really half-baked (iOS) or seem to duplicate existing features (macOS), etc. Settings and breadcrumbs on iOS are still a headache. iTunes is somehow still one of the worst interfaces I've ever used, people just don't notice as much because it's rarely needed anymore. Finder is still my least favorite default file manager across any desktop OS. Files on iOS only recently became what I'd consider non-alpha quality.

Main reason I have the macbook pro (M1) and iPad is the hardware. Apple's made some flubs on hardware too of course (most of the MBPs from 2016 up until the new M1's for example), but a lot of their more recent stuff is very solid on that front.


ll-0000-ll t1_iwbcnat wrote

The software is better because its much more optimized. Iphones have longer battery life than androids while having a smaller batter. How? Software. This is just an example.


OneAd3613 t1_iw8qmik wrote

Test it?


RejZoR t1_iwb3rpz wrote

Turns out I'd need another SIM to test it and I don't have one. Annoying.


bengringo2 t1_iw7ycli wrote

I don’t understand it for the life of me. When I don’t use a company’s product I simply don’t think about them. I think some people just bask in schadenfreude as a hobby.


omniuni t1_iw8idl6 wrote

This is also an incredibly specific use case. You need to have the phone configured with a PIN locked SIM.


Eskimoobob t1_iw87num wrote

Uh not to deflate you, but my work is predominantly apple and what I monitor for security flaws, but I utilize Android devices personally.

I naturally come across research for apple devices but we have no Android for our MDM so it isn't pertinent to our mission.


BasementDweller3000 t1_iw7o4l4 wrote

My Apple Watch can unlock my iPhone. Last week as I was putting on my Watch, I had my iPhone nearby and it unlocked my iPhone before I had a chance to unlock my Watch first.

Edit: Never mind. I was mistaken. See below.


Stingray88 t1_iw7p372 wrote

That’s not true, that’s not how it works at all.

Apple Watch can only unlock your phone if it is already unlocked. And it only tries to unlock your phone after it fails to unlock via FaceID because you’re wearing a mask or something.


BasementDweller3000 t1_iw7ph2w wrote

I know that’s how it’s supposed to work, but I saw it unlock my iPhone without the Watch not even being on my wrist yet.

Edit: Never mind. I was mistaken. After trying to replicate it a few times, it seems that what actually happened is I had my iPhone in front of me, my face unlocked the iPhone and then my iPhone unlocked my Watch the moment I got it in my wrist. I misread the notification telling me that my iPhone unlocked my Watch as if it were saying my Watch unlocked my iPhone.


Eskimoobob t1_iw87d55 wrote

Plenty of people are, you might just not roll with the cybersecurity crowds.


Filthy_Firestarter t1_iw8fth1 wrote

Especially when Google loves to slam others for vulnerabilities. Don't they just post the exploit if it isn't fixed in 2 or 3 month? God forbid when they have an issue though.


Torifyme12 t1_iw8h0jp wrote

They knocked that shit off quick when MSFT formed the "Fuck Google" research group.


Now they're (surprisingly /s) more flexible.


erosram t1_iw7g4ju wrote

Seems like a major over look on androids part. And now on the medias part.


Translationerr0r t1_iw7hb3t wrote

I hope you all noticed the "started from an unlocked state"-statement.


hildebrot t1_iw7om64 wrote

And it was only reproduced on two Pixel models, not Android as a whole as the title might mislead people to believe.


dingo1018 t1_iw845ue wrote

Still bagged the guy 70 large in reward money from Google, not a bad days work at all. Did I read that right 70 grand???


Hilppari t1_iw85j6h wrote

its alot more than two pixel models. other brands are affected. i've tested on zenphone 9 and even lineage OS. with latest updates. older phones that dont have any more updates are also affected.


killerjerick t1_iw8s6ln wrote

Classic that the top level comment and it’s most upvoted reply are completely false if you bother to read the article in its entirety, or you know, watch the video included…


prs1 t1_iw816rl wrote

They start from a locked state in the video.


killerjerick t1_iw8s1zm wrote

I hope you notice that you’re completely incorrect.


9-11GaveMe5G t1_iw9jinr wrote

If you read the full writeup by the guy who found it, he starts from a fresh, locked, encrypted reboot. You could hand me your phone off and I could do it.


twitterfluechtling t1_iw74t7q wrote

What about encrypted devices? I expect Android can't unlock the storage without the security code, so it should be logically impossible to dismiss that dialog and still start the device?


MindStalker t1_iw7d29x wrote

It looks like you don't need to shut down the device. So if it's already on when stolen your screwed.


davidemo89 t1_iw9168r wrote

You were screwed. They fixed it.


deserteagle_007 t1_iwahxf5 wrote

For anyone running Security patch November release. So most phones are still vulnerable besides Pixels


ListRepresentative32 t1_iw79osw wrote

Yes, the bypass doesnt work after a fresh reboot. On a device that was atleast once unlocked after boot, it works no problem.


aredna t1_iwb86ee wrote

According to his blog it also works after a reboot and that's how he found it. He later found the reboot wasn't necessary. This made it more dangerous because you need less time to get in.


ListRepresentative32 t1_iwbw4cy wrote

Depends on what exactly works. The lock screen dismiss works everytime, that's true. But its of any use only if the device was previously unlocked with PIN/password after boot. Otherwise the phone is still encrypted and bypassing the screen is useless(you can't access any user data)


Translationerr0r t1_iw7hunl wrote

That's not how I read this: they started from an unlocked state to get passed the fingerprint unlock screen. Did I miss something?


Macluawn t1_iw9p8dy wrote

When a phone is rebooted, a password must be entered before touch id or face id will work.

In this context, "unlocked" doesnt mean you start from the home screen - it means the password was entered at some point since the phone was last booted up and is now in an unlocked state where touch/face id can be used.


Translationerr0r t1_iw7hnvf wrote

The article mentions you either run into fingerprint unlock screen (when starting from a locked screen or after restart) OR you start from an unlocked screen (which makes the hack just a waste of time as its already unlocked).


hildebrot t1_iw7oa9y wrote

Right, so for anyone who didn't read the article:

  1. The only way to get inside the phone was either with a correct fingerprint OR if he started in UNLOCKED STATE. Meaning that this was all useless because why would you do all that if you already have access?

  2. This was only possible on two Pixel phones, not Android as a whole. Kind of stupid to write a title like that.


synackk t1_iw7przs wrote

  1. Unlocked state here means at some point the phone has been unlocked at least once for the encryption. If someone stole your phone after you’ve used it one, they’d be able to bypass the unlock screen.

  2. That’s just what the discoverer of the exploit was able to test it on. There have been other reports it’s worked on non-pixel phones or custom android distributions.


hildebrot t1_iw7w5jb wrote

>Unlocked state here means at some point the phone has been unlocked at least once for the encryption

That is not what the article says.


synackk t1_iw88blr wrote

That came from the original source:

>>> As I did before, I entered the PUK code and choose a new PIN. This time the phone glitched, and I was on my personal home screen. What? It was locked before, right? This was disturbingly weird. I did it again. Lock the phone, re-insert the SIM tray, reset the PIN… And again I am on the home screen. WHAT? My hands started to shake at this point. WHAT THE F**K? IT UNLOCKED ITSELF?

Article could be wrong or wording it poorly


steak4take t1_iw9gxrc wrote

Bleepingcomputer misrepresenting information to sell ad Clicks? That's unpossible!


Dominicus1165 t1_iwamryl wrote

That’s why a video is embedded into the article.

The phone was unlocked. It is locked now and not restarted.

Fingerprint is disabled by failing too often.


oauth20 t1_iw74ia4 wrote

Possibly this was kept as backdoor for government agencies 👀


Lance-Harper t1_iw75jzo wrote

That’s conspiracy whilst google patched it last week.

If the gov REALLY wants something from you, there are many many other ways than asking a tech giant to manufacture a front door (because that’s not a back door), and making it look like a bug, only temporary.


nyaaaa t1_iw9ke2w wrote

Nah, more likely the testers didn't bother with the PUK because they forgot that still exists.


WexfordHo t1_iw7ft1f wrote

As if 20 minutes with a rubber hose wouldn’t get the same results and more, for less money and exposure.


tlsr t1_iw7rq7g wrote

>accidentally finds a way

Whips out "attacker controlled sim"


KiraUsagi t1_iw8e27q wrote

The attacker controlled Sim is just there to show how an attacker would get in. You could do it with the Sim that was already in there but you need to know what the pku code is. This is how the researcher originally discovered the flaw.


MC68328 t1_iw7yzmx wrote

And every Pixel phone from the Pixel 4 and earlier will have this fatal flaw, since Google refuses to continue security updates.


Hewhoisnottobenamed t1_iw810fv wrote

Hey Now! We can't have people choosing not to upgrade their perfectly functional old phones to the newest and most expensive ones.


Complainer_Official t1_iw84x81 wrote

the new software is too demanding for old hardware.

although, it seems like it would add a few jobs for the economy if google had a division for keeping their old code up to snuff.

or even allow opensource devs to do it. that would be cool too.


JazzioDadio t1_iw8gvs3 wrote

That's an awfully convenient excuse. I'm sure if they wanted to they'd find a way to get new security updates on much older hardware, but they won't do that because then no one would abandon their otherwise perfectly functioning phones. And I say this as a lifelong pixel user.


sleepybrett t1_iw9dxhc wrote

Backport the patch the old versions of the OS. Apple has done this in the past when faced with similar issues.


the-samizdat t1_iw7nw28 wrote

What is an “attacker controlled sim”?


XkF21WNJ t1_iw7onb3 wrote

A sim the attacker knows the PUK code of.


Hilppari t1_iw85pc6 wrote

for example 3dollar prepaid simcard.


jdeezy t1_iw7h3vm wrote

What bout android 8?


Zingo_sodapop t1_iw8ipvi wrote

How about android 9 or 8?


SmegmaSmeller t1_iwamsll wrote

You're likely screwed at least for a while. Running android 11 and have no updates and no recent updates


RipThrotes t1_iw8rit5 wrote

There is a way to bypass the lock screen while starting my Samsung Galaxy s10e.

When you boot up, it has to load all settings or something like that, and at the right point in boot up it will allow you to navigate the phone before everything has loaded.

It may push you to the lock screen once that has configured, I don't do it often, but it may be a legitimate variation of this "news" story.


SMHeenan t1_iw9176l wrote

For what it's worth, my Pixel did not notify me of this security update. I had to manually update my phone to get this patch.


Starr-Duke t1_iw9qr2k wrote

Can bypass my fingerprint scanner on my note 10 by turning on the screen and tapping the fingerprint sensor with anything while shutting the screen off at the same time. Works 1/10 or so times


joeg26reddit t1_iwa9so6 wrote

"when he tried reproducing the flaw without rebooting the device and starting from an unlocked state"


I found a way to by pass the lock screen

Step 1 ) Start from an unlocked state...


ZZ3xhZz t1_iwbkkpx wrote

"Android phone owner accidentally" Vs. "Cybersecurity researcher"

Thats a very deceptive headline - the first one implies an everyday joe, and the second one implies a highly specialized expert in the field.

You also need access to the PUK, not something you'd have easy access to unless you already have nefarious ways to access that from the service provider.

This only applies to 2 specific models of phones - the 1000s of other android devices not affected.


TheElusiveFox t1_iw8nz2s wrote

By Android phone owner, they mean Security researcher, and by accidentally, they mean this convoluted 5 step process...

I'm not saying it isn't terrible that you could bypass the lock screen, but lets not pretend that some one just accidentally swiped diagonally or something and the phone opened.


Myte342 t1_iw9w066 wrote

Hurray the English language! In this instance 'by accident' would mean the person was not actively TRYING to find a way to bypass the lock screen, rather that he happened across it while doing something else. They did not use the term 'accident' to imply the guy dropped his phone and it unlocked. That the entire process involves a few steps does not invalidate that it was discovered 'by accident'.

Example: Post-It Note glue and WD-40 were so totally the intended results and not 'discovered by accident' while trying to create a completely different chemical than what resulted in their experiments so we should just ignore those inventions entirely and downplay their significance cause the inventor didn't just combine two chemicals together and snap his fingers to make something appear but because they both involve a complicated process of multiple steps they couldn't possibly have been discovered by accident.


No-Mission-962 t1_iw7n1oi wrote

Lol, its not as big people are making it to be. Basically the person needs to know the Sincard unlock code and even after that the device will ask for a fingerprint.


minaguib t1_iw7s6w1 wrote

Read the researcher’s work here, which shows how this is not an issue as the attacker can trivially do a SIM swap.


pickled-egg t1_iwbh9y8 wrote

No, that isn't how it works.

Watch the video, it has been demonstrated.


tsfbdl t1_iw82y8q wrote

Ehhh I don't even put a lock on my phone I'm mentally disabled and can't remember passwords easily everything I have is written on the phone and if I get locked out I'm screwed


[deleted] t1_iw78kly wrote



gizamo t1_iw7igdp wrote

...except the patch is already available for all Android devices running Android 10+, which includes all Pixel 4 devices.