Recent Blu Update Locks Users out of Their Phones (bleepingcomputer.com) 34
An Android update that Blu shipped to Blu One Life X2 smartphones yesterday, November 28, has locked people out of their phones. From a report: On forums, Reddit, and Blu's official Facebook page, users are complaining that after applying the update and rebooting the device, their phone won't recognize their password, PIN code, or pattern lock, even if users are 100% sure they are entering the correct data. Bleeping Computer has independently verified this bug. "I updated my BLU Life One X2 around 2 hours ago. It asks for a password in order to access Android," said one of the Blu users facing this problem. "I am completely locked out of my phone. Ever single password used is marked incorrect." After ten "failed" login attempts, the user's data is wiped from the device, according to the standard Android OS behavior.
Android more secure than macOS (Score:3)
we learned earlier today that you can spoof login to become root on macOS -- this android feature makes it much, much more secure than macOS - you cannot login as root (or anything else)
LA LA LA Android is perfect!!! Look over here see an unrelated problem on a different system. Man those guys suck!!!
The other side of that coin (Score:2)
Apple is once again a leader in usability!
Although your message is sadly dated, there's already an OSX patch out.
I'm surprised Blu is still around. Surely after the multiple spyware discoveries and all the other crap surrounding Blu, there isn't anyone left that doesn't know to avoid Blu.
Your first mistake (Score:2)
Was thinking it was your phone. You paid the manufacturer for the right to carry it around, but they get to decide what software runs on it.
Fake News (Score:2)
Everybody knows that no phone manufacturer would ever actually do any software updates.
Look at the bright side (Score:2)
Who knows, people might even discover this thing called 'outdoors' and become aware of what color the sky is.
Wiping after x failures (Score:2)
Why does anyone think this is a good idea?
My thought too. It strikes me as depending upon the thief, finder, or police inspector not knowing about that "feature", which makes it another "security by obscurity" method. And it shows a lack of confidence in encryption methods. If encryption works, then this wipe feature is at best useless, isn't it?
It enables toddlers to accidentally wipe your phone by imitating your use of the phone. Of course they could also drop your phone in the toilet. But this-- even the cat could wipe your phone. Howeve
BLU appears to be popular in Latin America (Score:4, Informative)
For those who don't know BLU, I had never heard of them either, so I assumed it is some sort of small Chinese OEM, but actually it seems BLU (Bold Like Us) phones are popular with the Latin population in the Americas. They have been known to to send data to China [cnet.com], so I guess their reputation is not top notch...
If you've lost physical posession of the phone you're already toast. As a security feature they just assume that if you can't get the password within 10 tries you're not the actual owner and it's best for the phone to wipe itself rather than site their waiting for them to brute-force it.
Also for most of your stuff it's backing up to the cloud anyways so if your phone erases itself you just get a new one, enter your Google account, and it's all still there anyways.
How BLU Turned on its user base. (Score:3)
BLU Started out to be one of the GSM Good Guys. They offered a MediaTek based, inexpensive, near Stock Android experience I own two BLU Studio 5.0C devices, and two BLU R1 HD. They didn't have locked bootloaders. They supported proper FastBoot and Recovery. Most applications were not installed in the system parition. Root was easy.
Then you found out that BLU either couldn't, or wouldn't update the version of Android on their devices, instead they would patch KitKat or Lollipop against whatever vulnerabilities they have. This was because their MediaTek Drivers made updatng the roms very likely to break things. Then, after a few years, they started dropping support for devices entirely.
Then came things like the Sponsorship deals with Amazon to put Ads on lock screens... and this started with the R1 HD... and... oh boy... here we go. Here came the locked bootloaders. Here came the Amazon Preloads of whatever App they had. When people started rooting them to get rid of that garbage, they responded by altering their Preloaders to patch out Fast Boot Access, and disable SP Flash tools. By this time there were TWRP recoveries, Alternate Stock roms, and LineageOS Builds.
They not only disabled SP Flash Tools for their Amazon suppoerted models, but every model post the R1 HD that wasn't Ad supported.
The last straw for me was the ADUPS Debacle, and the MTK Logger vulnerability, and I promise you, I will not buy another device from BLU.
Who needs testing.... (Score:2)
Real men just change the program code, of course it will work as intended!
