Comments on: Android’s Login Is Cool, But Is It Secure?

By: David

David — Sun, 06 Sep 2009 13:56:15 +0000

@Chris. No, he is not wrong. It’s the equivelant of 36 hours a day worth of power, because there are 4 1/2 office.

By: Robert Reynolds

Robert Reynolds — Thu, 16 Oct 2008 07:12:00 +0000

M1nt blog spams now? How desperate.

By: Is Android’s Unique Unlocking & Login Feature Secure? | Android Central

Wed, 15 Oct 2008 09:59:33 +0000

[...] [TechCrunch] [...]

By: Android’s Login Is Cool, But Is It Secure? | Tech News - Business News And Social Networking

Tue, 14 Oct 2008 15:03:55 +0000

[...] article: Android’s Login Is Cool, But Is It Secure? From [...]

By: Fantastic Sarch

Fantastic Sarch — Tue, 14 Oct 2008 15:02:24 +0000

really cool

By: Androidのロック解除用パターンは何パターンあるのか « Moukari

Androidのロック解除用パターンは何パターンあるのか « Moukari — Tue, 14 Oct 2008 14:45:32 +0000

[...] TechCrunch英語版(原文)のコメント欄に投稿しといた。なんとかあの英語を理解してくれる人がいるといいけど…。 [...]

By: Moukari

Moukari — Tue, 14 Oct 2008 14:43:01 +0000

I wrote a program in Prolog to count patterns. There are 576 patterns if only horizontal or vertical transitions are allowed. And, there are 10096 patterns if diagonal transitions are also allowed. For more information and a Prolog sourcecode, visit my blog (in Japanese, sorry. but I think you can read a code and may be satisfied.)
http://moukari....81%AE%E3%81%8B/
note: I assume that we cannot reuse the node nor jump over the node.

By: Sergio Montini

Sergio Montini — Tue, 14 Oct 2008 08:49:41 +0000

Better than the shitty iPhone unlocking, anyway.

By: Ytsejam

Ytsejam — Tue, 14 Oct 2008 07:30:25 +0000

it’s not like you just unlock your phone using a pattern then NEVER touch the touchscreen..
you guys think that the only use the touchscreen has is to unlock the (G1) phone.. have you ever thought that after unlocking the phone using a pattern, you will still use your fingers (on the touchscreen) to Slide UP the applications drawer? or slide down the Notifications? or swipe left and right to switch desktop/homescreen views? tap on icons? make phonecalls and smudge your entire cheek and face on the phone? and swipe your fingers all around when browsing web pages?

and after that screen torture, if you can still locate the original oily unlock pattern smudge, then better head up to CSI and get a detective job..

By: TheWindowsFix

TheWindowsFix — Tue, 14 Oct 2008 03:40:31 +0000

Is it secure? 99% of cell phone users have no password on their phone what so ever…you press the ok key or four zeros and you’re in. The iPhone has a slider? I don’t get the ‘is it secure’?

By: Josh

Josh — Tue, 14 Oct 2008 02:20:56 +0000

Unlocking your phone is the first thing you do… followed by a series of other gestures which would totally obscure the first motions of the your finger… right!?

By: offbeatmammal

offbeatmammal — Tue, 14 Oct 2008 00:58:24 +0000

in the Origami 2.0 add-on for UMPCs (from Microsoft) there is a feature called Picture Login which works pretty similar to this… you tap up to a dozen points on a picture to log in.
For a keyboardless device it works pretty well, and I guess if you are constantly tapping on the phone screen it would be hard to know what was the login swipe vs normal usage grease trail

By: Tzar

Tzar — Mon, 13 Oct 2008 23:04:06 +0000

Tom, you’re right 100%. I am not going to comment on the motion detector concept, but why would they want to replace something that works fine and everyone is accustomed to? Just to stand out maybe. I guess Google engineers never heard of “If it ain’t broken, don’t fix it”. Neither did Vista product team, btw – and we know happened there.

By: Vincent

Vincent — Mon, 13 Oct 2008 22:03:26 +0000

It’s not so relevant for security how many possible combinations there are. It’s what most people actually use. Even now with pincodes, 35% of all codes are 0000. Someone who wants access to a phone always tries that first. With Android, I guess most people will draw a square.

By: Quinientos Doce Megas » Desbloquear Android podría ser fácil para cualquier persona

Mon, 13 Oct 2008 21:50:44 +0000

[...] cualquier manera, como dicen en TechCrunch, lo mejor sería que Google Android ofreciera la opción clásica de usar una combinación de 4 [...]

By: Julian Baldwin

Julian Baldwin — Mon, 13 Oct 2008 20:40:59 +0000

Now it seems we might be solving different problems or breaking the problem down differently to solve the same problem.. I wanted to find a pattern for increasing the nodes by 1 while using 4 edges before getting more complex with additional edges, which would allow a user to incorporate additional nodes in their password

By: Julian Baldwin

Julian Baldwin — Mon, 13 Oct 2008 20:37:25 +0000

While in class it dawned on me that I did not mention one of the assumptions of our model.. that is 4 edges.. because standard cell phone passwords are 4 digits.. I started looking at 4 edges and 4 nodes but haven’t finished it because I have to do other work for class tomorrow.. but it seems like there would be more than 380K patterns because there will be more than 380K users with the phone eventually and having that many people with identical passwords makes little sense to me

By: Cedric

Cedric — Mon, 13 Oct 2008 19:49:56 +0000

I work on Android…

By: Alan Brown

Alan Brown — Mon, 13 Oct 2008 19:41:34 +0000

yeah, that makes sense. plus you will be smearing it all over your face more often than you’ll be logging in

By: Android login security is clever but is there one fatal flaw? | BitterWallet

Mon, 13 Oct 2008 19:38:46 +0000

[...] Pic and tip from Techcrunch [...]

By: ubergoober

ubergoober — Mon, 13 Oct 2008 19:21:46 +0000

Just look for the grease/oil smudge pattern on the screen and voila! pattern defeated!

By: kg

kg — Mon, 13 Oct 2008 19:19:25 +0000

Sorry, i did not know about the rules to go anywhere from the corner. BTW where did you get all the rules from ? This was not mentioned in the article.

By: n/a

n/a — Mon, 13 Oct 2008 19:18:10 +0000

A minimum of 4 dots.

By: Julian Baldwin

Julian Baldwin — Mon, 13 Oct 2008 19:13:31 +0000

This is our current thought process..

3 node linear combination’s : 8 lines x 8 ways to traverse each= 64
3 node complete triangle combination’s : 96 triangles x 4 ways to traverse each = 384
3 node broken triangle (walk three nodes not in linear orientation without walking last edge to form triangle) combination’s : 14 ways to traverse per corner x 4 corners + 28 ways to traverse per center edge x 4 centers + 56 ways to traverse starting at middle node = 224

64 + 384 + 224 = 672 possible 3 node combinations

By: Cedric

Cedric — Mon, 13 Oct 2008 19:10:21 +0000

No, this is incorrect. From a corner, you can go to more than three dots, either using a chess knight move or by going over a dot that’s already lit.

Again: there are about 380k patterns and the gory details can be found here:

http://beust.co...ves/000497.html