Re: Pauldotcom Digest, Vol 24, Issue 14

[Jake Johnstone <jakejohnstone () hotmail com>]

Android: pattern security lock vs. 4 characters PIN from a security side

The android patern lock or gesture lock as i call it is vulnerable to attack as mentioned by Anthony Miracle but the 
lock can also be very easily removed on rooted devices. It is viable that if the attacker had access to the phojne they 
could root the device and remove the lock to gain entry. I believe the lock could also be vulnerable to a cracking 
attack vector by hashing the key file with representing gestures into a list and matching against it. 

You may want to check out my blog post about it here http://sud0x3.net/2010/03/remove-the-gesture-lock-on-the-android/


> From: pauldotcom-request () mail pauldotcom com
> Subject: Pauldotcom Digest, Vol 24, Issue 14
> To: pauldotcom () mail pauldotcom com
> Date: Thu, 16 Sep 2010 12:00:02 +0000
>
> Send Pauldotcom mailing list submissions to
>       pauldotcom () mail pauldotcom com
>
> To subscribe or unsubscribe via the World Wide Web, visit
>       http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> or, via email, send a message with subject or body 'help' to
>       pauldotcom-request () mail pauldotcom com
>
> You can reach the person managing the list at
>       pauldotcom-owner () mail pauldotcom com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Pauldotcom digest..."
>
>
> Thank you for subscribing to the PaulDotCom Mailing list digest.  Please visit our site, http://pauldotcom.com, for 
> more hacking entertainment.
>
> Today's Topics:
>
>    1. Re: Office password recovery/removal (k41zen Me)
>    2. Re: Android: pattern security lock vs. 4 characters PIN from
>       a security side (Anthony Miracle)
>    3. What am I missing? (k41zen Me)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 15 Sep 2010 15:46:45 +0100
> From: k41zen Me <k41zen () me com>
> Subject: Re: [Pauldotcom] Office password recovery/removal
> To: PaulDotCom Security Weekly Mailing List
>       <pauldotcom () mail pauldotcom com>
> Message-ID: <981E2E1E-0328-4598-9750-202902A514FA () me com>
> Content-Type: text/plain; charset=us-ascii
>
> So went with the recommended app from Elcomsoft and it did a great job. Took less than a second to
> obtain the users .pst password.
>
> Thanks to everyone.
>
>
> On 11 Sep 2010, at 17:50, Tyler Robinson wrote:
>
> > I will second elcomsoft had good results with them.
> >
> > > All,
> > >
> > > Can you recommend any good Office password recovery/removal apps for Windows and Linux? My immediate requirement 
> > > is to either recover or remove one from an Outlook 2003 .pst file.
> > >
> > > Grateful for suggestions.
> > >
> > > k41zen
> > > Super Hero Squad
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > Pauldotcom () mail pauldotcom com
> > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: http://pauldotcom.com
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom () mail pauldotcom com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 15 Sep 2010 10:44:55 -0400
> From: Anthony Miracle <ronin7 () calima7 net>
> Subject: Re: [Pauldotcom] Android: pattern security lock vs. 4
>       characters PIN from a security side
> To: PaulDotCom Security Weekly Mailing List
>       <pauldotcom () mail pauldotcom com>
> Message-ID:
>       <AANLkTi=cDKTVCzZ0aPmq+cv37Eza+B-FOzZyKdJUwLL8 () mail gmail com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> As others have mentioned, it's often easy to figure it out from the marks
> left on the screen if you don't clean it often.
>
> Additionally, as a small experiment, I set a fairly complicated pattern and
> asked a co-worker to watch me quickly enter it once. He was able to
> duplicate the pattern on his first try. I did not have it set to display the
> pattern, he was just watching my finger. In my opinion, it's just easier to
> observe and memorize a pattern than it is to observe and memorize several
> rapidly typed numbers on these phones.
>
> ---
> Anthony Miracle (sequel7)
>
>
>
> On Tue, Sep 14, 2010 at 14:27, Sven Aluoor <aluoor () gmail com> wrote:
>
> > Hi folks
> >
> > Is "pattern security lock" more secure than a strong 4 characters PIN
> > (I used it on iPhone)? Is the Android implementation vulnerable?
> >
> > cheers Sven
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom () mail pauldotcom com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100915/9c940aa2/attachment.html 
>
> ------------------------------
>
> Message: 3
> Date: Wed, 15 Sep 2010 18:29:23 +0100
> From: k41zen Me <k41zen () me com>
> Subject: [Pauldotcom] What am I missing?
> To: PaulDotCom Security Weekly Mailing List
>       <pauldotcom () mail pauldotcom com>
> Message-ID: <4EA0854A-6FAD-4857-A0AB-C15F9963FB42 () me com>
> Content-Type: text/plain; charset=us-ascii
>
> So I'm in the UK. I've got tonnes of RSS feeds and am on a few very informative mailing lists - heck I even
> jump in and out of Twitter every now and again to try to keep up-to-date.
>
> Imagine my surprise (Vorstedt voice from Leathal Weapon 2) then when I was driving to work listening 
> to the latest PDC when it mentions UpSpolit. Here is an awesome service set-up and supported by numerous English
> blokes and a US podcast is introducing it to me! I'm sitting there on the M25 thinking how the hell 
> did I miss that? Was it a closely kept secret?
>
> So what did I miss? What am I not reading? What am I not listening to? What tweets am I not being...erm...twatted 
> with?
>
> k41zen
>
>
> ------------------------------
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>
>
> End of Pauldotcom Digest, Vol 24, Issue 14
> ******************************************

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com