Droid unlock pattern

The bad news: There's a flaw in the Motorola Droid 2.0.1 software that can potentially allow someone access to your data even if you have a lock pattern set.

It seems that if your phone receives a call -- you can answer the phone without unlocking -- and hit the "back" button, suddenly you're in. No unlock pattern required. And that's bad.

The good news: For this to work, someone has to have physical access to your phone. Let's hope we see a patch for this pretty quick. And in the meantime, hold on tight to your Droid. [via The Assurer, thanks to everyone who sent this in!]

 
There are 12 comments

Omnimouse says:

If anyone has physical access to your phone, there is no stopping them from getting your data. That is, unless you have a remote wipe application.

Anonymous says:

Well also it would be nice if they didnt waste your minutes or something else.

Anonymous says:

Android experts:

Is there any to make sure that SIM data does NOT get synced with Google contacts data?

Thanks.

o2bnclemson says:

I tried the lock pattern on my Eris and wasn't a big fan. I noticed that the pattern was fairly easily discerned just by looking at the swipe pattern on the screen, from fingerprints. I'd prefer a numeric unlock option like I've seen on the iPhone.

theGOLDrule says:

I have tried this and YES, during a call the user can gain access into the device. Still, once the call is ended, the phone returns to the lock pattern screen. So it will only be a temporary breach of security.

Anonymous says:

Well if they find out or know your number, then they could call you and let the call go on for as long as they needed.

JCZ says:

That is one hell of an unlock code!

Dustin Day says:

Everyone should have Mobile Defense installed on there phones. Right now it is the best free app on the market and developer support in great. If you don't know what it is check it out.

graymulligan says:

Wave secure.

That being said, if its sensitive data, it probably shouldn't be on your cell phone anyway. There are far better ways to move secure stuff from one place to another that don't involve one of the most often lost/broken/stolen pieces of tech out there.

Anonymous says:

You can disable the pattern lock while on a call using this workaround for another bug found on Google's android forums:

http://code.google.com/p/android/issues/detail?id=4784

Issue 4784: Google credentials don't unlock phone after failing too many pattern attempts.

Geoff says:

After having established a security lock pattern, I have found that it is not possible to simply turn-off the feature altogether. It is possible to change the security lock to a passcode, but once done there does not seem to be any way to configure the phone not to use any security lock.

I have tried:

Settings->Display And Security->Security Lock-Security Lock Type->Passcode lock (uncheck the button).

I am prompted to enter my current passcode, which I've done. Then, I am prompted to enter a new passcode. I've tried entering nothing and just clicking the check icon, but it tells me the passcode must be at least one digit. I can then enter a new passcode, but there just does not seem to be any way to say, "Hey, I don't want a security lock." Please HELP! This is most aggravating.

Bill says:

are you starting from the home screen and going to settings. If you are I do not have the same menu options on my droid. please let me know I would love to have a passcode and not an unlock pattern.