Is the Motorola Droid security flaw a hoax or real? (it’s real)

Motorola Droid security hack or breach?There has been several reports today of a security hole in the Motorola Droid phone. I was surprised that, at least according to some reports, the pattern lock which protects the phone much like a computer password, could be breached. Apparently, during an incoming call a thief could break into your phone by pushing the “dedicated back button” on the Droid phone.

Curious, I tried to replicate the breach.

I locked my Droid. Then called myself using a landline.

The phone rang, and the caller ID information came up on the display. I immediately pressed the back button. Nothing happened. The phone kept ringing. So I tried holding the back button, then repeatedly pressed it. Again, nothing happened.

I hung up the call, and tried to keep pressing the back button. The phone still showed the lock pattern screen and I could not gain access.

From what I can tell, Motorola may have admitted that there is a security flaw. This is unconfirmed (but I could be wrong).

But I can not duplicate the hack people are talking about today on the Web. I might be doing something wrong, and will keep looking into this story. If there is a hole, Motorola should get an OTA fix pronto. Then again, I’m dubious about the claim, although just because I can’t duplicate the issue doesn’t mean the report is not true.

[Source: Gizmodo, Droid Security Flaw Puts Your Personal Information at Risk]

Update: It’s a flaw. I was able to replicate it easily. I missed an easy step which is to actually answer the incoming call, then press back button. Yes, it does give you access to the entire phone’s contents. Obviously not good. We’ll see how long it takes Motorola/Verizon to fix the security issue. You’d think they would have tested this first, no? Apparently this only impacts Android 2.0.1 devices (such as the Droid), so Nexus One is possible not at risk.

Explore. Create. Live. Follow Stark Insider on Twitter and Facebook. Join our 9,000 subscribers who read SI on tablets and smartphones on Google Newsstand. Prefer video? Subscribe to 
Stark Insider on YouTube, the largest arts & travel channel in San Francisco.
  • Frederick

    Yes it is real! very real! How its done, you answer the incoming call, then hit the back button. This is a serious issue!

  • Frederick

    Yes it is real! very real! How its done, you answer the incoming call, then hit the back button. This is a serious issue!

  • Rory

    i stopped using this feature when i realized if i wasn’t militant about wiping my phone, the password was sitting right there on the screen in the form of smudges.

  • Rory

    i stopped using this feature when i realized if i wasn’t militant about wiping my phone, the password was sitting right there on the screen in the form of smudges.