(November 14, 2022, 10:26 PM)Magroll Wrote: Well, I have a fingerprint scanner. To crack it, you have to cut off my finger ... Fuck ...
Article might not mention it clearly, but the issue is that the new SimPin screen, due to the race condition, dismisses your intended security lock. So you only see patches for PUK/SimPin, but the mechanism bypasses all of your other security screens including trust agents and fingerprints. Author mentions it nicely:
"Some other part of the system was monitoring the state of the SIM in the background, and when it detected a change, it updated which security screen was currently active. It seems like this background component set the normal e.g. fingerprint screen as the active security screen, even before the PUK component was able to get to its own .dismiss() function call. By the time the PUK component called .dismiss() function, it actually dismissed the fingerprint security screen, instead of just dismissing the PUK security screen, as it was originally intended. And calling .dismiss() on the fingerprint security screen caused the phone to unlock."
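The ordering described in the quoted passage can be replayed as a small deterministic model. This is an added example, not code from the post, the article, or Android; `LockScreen`, `sim_monitor_update`, `dismiss_expected` and `run` are hypothetical names, and the checked variant is one way to make a stale dismiss request harmless, assumed here for illustration.

```python
from enum import Enum

class Screen(Enum):
    PUK = "puk"
    FINGERPRINT = "fingerprint"

class LockScreen:
    """Toy model: screens still to be passed; the first one is active."""

    def __init__(self):
        self.remaining = [Screen.PUK, Screen.FINGERPRINT]

    @property
    def active(self):
        return self.remaining[0] if self.remaining else None

    def sim_monitor_update(self):
        # Background component: the SIM state changed, so the PUK screen
        # is replaced by the normal (fingerprint) screen.
        if self.active is Screen.PUK:
            self.remaining.pop(0)

    def dismiss(self):
        # Unchecked: dismisses whatever screen happens to be active now.
        if self.remaining:
            self.remaining.pop(0)

    def dismiss_expected(self, expected):
        # Checked: the caller names the screen it means to dismiss.
        if self.active is not expected:
            return False  # stale request: the active screen changed underneath
        self.remaining.pop(0)
        return True

def run(order, checked):
    """Replay the two events in the given order; True means unlocked."""
    lock = LockScreen()

    def puk_done():
        if checked:
            lock.dismiss_expected(Screen.PUK)
        else:
            lock.dismiss()

    steps = {"monitor": lock.sim_monitor_update, "puk": puk_done}
    for name in order:
        steps[name]()
    return not lock.remaining

if __name__ == "__main__":
    for order in (("puk", "monitor"), ("monitor", "puk")):
        for checked in (False, True):
            state = "UNLOCKED" if run(order, checked) else "locked"
            print(order, "checked" if checked else "unchecked", "->", state)
```

Only the monitor-first ordering with the unchecked call ends unlocked; in every other case the fingerprint screen is still in place.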