Google Evangelist Recommends Against Using Swipe-to-Unlock on Android
Google Evangelist Recommends Against Using Swipe-to-Unlock on Android
Posted 02/14/2012 at 10:23am
| by Paul Lilly
16
Comments
Print
If your penchant for frequently washing your hands ventures into obsessive-compulsive disorder (OCD) territory, by all means, you're probably safe to use Android's swipe-to-unlock security feature to keep nosy Nancys from spying your contacts and text messages. But for the rest of us, so-called '"reverse smudge engineering" might be the bane of greasy fingers.
Canadian software developer, entrepreneur, and current Google employee, Tim Bray, warns that the swipe-to-unlock feature in Android is fairly easily thwarted just be looking at the pattern of smudges your fingertips leave behind.
"Last year I was touring around with a bunch of Googlers doing DevFests and Developer Days and so on, and an emergency arose when a couple of colleagues had my original Galaxy Tab and needed to use it for something, but I wasn’t there. They managed to figure out my pattern by looking at the fingerprints on the glass and it only took them a few minutes. Maybe I’m a little greasier than average, but that’s still sobering," Bray explained in a blog post.
Bray, whose opinions are his own and don't necessarily reflect that of Google's, favors the PIN feature, which works for him because he feels he could punch in his code "really, really fast" so even if someone were to peer over his shoulder, they'd have no clue what numbers he pressed.
Do you lock your phone down, and if so, what method do you use?
Image Credit: Gizmodo
More like this
16
Comments
Comments are closed on this article
bio8vghdf8a
February 15, 2012 at 4:16am
very good web: === http://www.plzzshop.com
The website wholesale for many kinds of fashion shoes, like the nike, jordan, prada, also including the jeans, shirts, bags, hat and the decorations.
All the products are free shipping, and the the price is competitive, and also can accept the paypal payment., After the payment, can ship within short time.
We will give you a discount
WE ACCEPT PYAPAL PAYMENT
YOU MUST NOT MISS IT!!!
=== http://www.plzzshop.com
thank you!!!
Believe you will love it.
We have good reputation, fashion products,
come here quickly== http://www.plzzshop.com
Opportunity knocks but once
aarcane
February 14, 2012 at 2:44pm
I've been using this trick for a long time now. Like.. Since the swipe thing first came onto the scene. I warn all my friends about it, and when they don't listen, I go snooping into their "private" lives.
vrmlbasic
February 14, 2012 at 2:09pm
Why not just rub your finger randomly on the screen as time goes by to thwart this, or draw patterns with the screen off to be a sort of "false pattern", akin to dialing bogus codes on keypads so that numbers besides the ones for the code are worn down?
The problem I find is that the swipe method of unlocking is just so convenient, moreso than having to dial a pin/password. If only I could say the same thing about the Swype keypad system.
tony2tonez
February 14, 2012 at 11:42am
I use password instead of swipe or pin.
I tried the methods of looking at the swipes and its pretty easy to get in. I was telling a friend about this, because he uses a swipe pin on his Apple and didn't believe me. Took me about 15mins and I was in. He wasn't to happy about it.
Even looking at your photo, what do people think it is.
I'm going with along the lines of 1703.I'm guessing left handed, starting at 1, then you could see change in direction with maybe extra pressure applied at the 7 and goes down, the only other # that low on numeric keys is 0. And a final swipe up to 3 and slide off to the right as open.
dgrmouse
February 14, 2012 at 11:39am
I'd like to see built-in fingerprint scanners. They are super-cheap, moderately durable, USB-based, and very difficult to foil. They also make great "hotkeys", allowing different programmed reactions for each finger.
compro01
February 14, 2012 at 11:56am
You vastly overestimate how difficult most fingerprint scanners are to fool. You may find this paper enlightening.
http://wwwstdot.com/pub/ffs_article_asten_akaseva.pdf
Also, the failure mode sucks. If someone finds out your pin/password, you just change you pin/password. If someone duplicates your fingerprints, which you helpfully leave /everywhere/, then what do you do?
dgrmouse
February 15, 2012 at 3:24am
I respect the guys in Helsinki (they got a LOT of us started w/ Linux!), but if they want to break into your phone they are going to find some way to do it. Building up a prosthetic finger from a fingerprint is a non-trivial task, and even then the success rate is very low. It's certainly a more secure form of authentication than a gesture. It's also trivially possible to have a telephone snap a photo, send an e-mail, etc. upon authentication failures, which could be a pretty strong deterrent. And besides, the hot-key functionality would be really useful - especially on a small minimalistic interface like on a smart-phone.
Joe The Plummer
February 14, 2012 at 11:39am
Wouldn't this still be a problem with a pin? If you're hands are that greasy to reveal a swipe, they would be for pins too.
compro01
February 14, 2012 at 11:44am
A button press for the pin looks like any other button press, like for dialing a number. the continuous swipe for a pattern lock is much more distinctive and not a motion you're likely to use for anything else.
p47riot
February 14, 2012 at 11:08am
I use an app called 'SeekDroid' that includes a PIN lock. With it, you can also remotely lock or wipe your phone, activate an audible alarm, and track the current location.
EDIT: I remembered after I posted this, that I originally got the paid app from Amazon as the App of the Day. There is a free lite version as well, though I'm not sure which features it has.
bling581
February 14, 2012 at 10:44am
I can see this happening to some people, but I don't think it's a widespread issue. All the apps I use require touching the screen, especially gaming so I don't see how your unlock "code" could be so apparent. I think they're being a little overly dramatic.
ddimick
February 14, 2012 at 11:33am
I don't. I used pattern unlock for a couple weeks and it was very easy to look at the screen and discern the pattern. It would probably only take a few attempts to unlock it. Switched back to PIN.
bling581
February 15, 2012 at 10:52am
Perhaps it's the type of material that's being used for the screen? I'm touching my screen a lot on a daily basis browsing the web or playing games, and I looked at it just now and not a single smudge. Not sure why others have problems.
Lorondos
February 14, 2012 at 10:41am
Ever since I have encrypted my GN, only gives the option to lock via password or PIN code so makes me think that Google really think of the other lock methods as more of a novelty more than anything and that you should really use either a PIN or password.
Connect with MaximumPC
Featured Content
The gang discusses the GTX 690, Trinity, Ivy Bridge, Amazon, big-box stores, MMOs,...
This month's issue
Feature
Build a PC On Any Budget
Feature
Cloud Services Showdown
How-To
Encrypt Your External Drive
Build It
Upgrade an X58 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Original RickRoll Video Returns to YouTube After 24-Hour Copyright Hiatus http://t.co/MaH9Sxyy1 day 12 hours ago
- maximumpc: Corsair has decided not to go forward with its $78 million IPO, citing weak equity market conditions http://t.co/A5a4DAzj1 day 12 hours ago
- maximumpc: Want to work at Maximum PC? Our Online Managing Editor, Alex, is moving away, so we need a new one. http://t.co/9Z7JCh0E3 days 10 hours ago
