CyanogenMod Android ROMs Accidentally Logged Screen Unlock Patterns 69
tlhIngan writes "Heads up CyanogenMod users — you will want to update to the latest nightly build as it turns out that your unlock patterns were accidentally logged. The fix has been committed and is in the latest build. While not easy to access (it requires access to a backup image or the device), it was a potential security hole. It was added back in August when Cyanogen added the ability to customize the screen lock size.`"
Re:Accidentally? (Score:5, Informative)
The guy is part of the Cyanogenmod team, he used his username so he could grep the debug output he created with that log line while a testing a feature he was working on.
To sum it up:
Not a big deal, just left over debug code.
Not really a vulnerability either, because in most cases where you can read the local log file you already unlocked the phone in the first place.
--
Me
Re:Excuse me, but... so what? (Score:2, Informative)
You have to unlock it to access the dialog to enable USB storage.
Maybe you are thinking of USB debugging?
Re:Accidentally? (Score:5, Informative)