Nah, Google has just never given a shit about their shitty products full of bugs, bloat, horrible UIs, and constant API changes for sake of change and keeping devs busy.
Ridiculous that David had to go to that extreme to get Google to move on it... can't say I'm entirely surprised though. And the reflection in someone's glasses is a big security problem if you consider that many people log into secure internal systems during video-conferences. The info on their screen could be all sorts of data... from login details to customer private data to confidential business info. Even worse if someone hacks into their webcam when they _aren't_ on a video call & can observe whatever they are working on.
Yes, everyone knew that, the way google acted. Likely, this "vulnerability" was being used in the spy community, and this revelation was probably going to mess up some crucial active operation
I've personally used people's glasses reflection for my own benefit in the past playing Yu-Gi-Oh as a kid lol. I could see their hand and use that info to play accordingly. Fun times 😂
Only thing I find surprising in the case was that Google finally received the customer feedback and even bothered to fix the issue. Usually, Google hasn't given a shit about customer feedback nor particularly cared about issues in their products.
@@the-matrix-has-you It has everything to do with it. The topic was literally recognizing what's on the screen through the reflection on the specs, which is exactly what happened in the situation OP describes. I mean how dumb you have to be to not understand it? *facepalm
@@garneet ok let me summarize what happened in video guy has input his pin code 3 times locks himself out of system and only way to gain Access again is a PUK code he put the PUK Code in but Android is hanging and not showing the security password area right so he tried the same procedure again to repeat the process after that he knew that he has found a bug in Android system so the videos Topic is a bug in Android System on Google Pixel Phones. Not about some CSGo lamer who is using wallhack and getting busted cause he was just dumb enough to wearing glasses while recording himself... I dont see a similarity between if you can see one you might be high Stop using it bro🤣🤣🤣
I was reading about this yesterday, I hadn’t thought about PUK codes for over 10 or 15 years until then. I wonder what made him even think of trying it, I don’t even know my current PUK code tbh. Great explainer, especially happy you shared this as it exposes how much google dragged their feet with this.
Yeah, it really shows how much any company actually cares whenever they talk about security or keeping users safe, then they proceed to give everyone an annoyed sigh saying they'll fix their problems.
Many people announcing that would just decrease their credibility. So they can't abuse that. There is nothing stopping them from using it occassionally though.
I'm sure this was actually made by design, they were gently trying to communicate that it's likely being used actively by some 3 letter agency to defend the world or save Ukraine
Eventually people would just stop reporting bugs, it's much better for them to spend a tiny fraction of their yearly profits on paying out bug bounties. 70k is literally nothing to Google
It's worth mentioning that the sim attack does not "Decrypt" your phone, that's why the phone has to be on and not rebooted. Decryption happens on first entry after boot only. Afterwards it's just a password.
@@thethiny Yeah, had to rewatch the video.. actually there are severe gaps on the story.. Indeed the phone got "stuck forever" in first place when he needed to enter the PUK due to forgotten PIN. Then, there was never mentioned any of those very relevant things: - Why did that happen. It surely should have shown the lock screen. - How did he get the phone working then. Supposedly by rebooting, which leaves the aforementioned as a mystery occurence, and subsequent details untold.
@@TheSimoc 1- this was the bug. When you enter sin pin code it takes you home and forgets to check lock screen, since lock screen is no longer needed after first unlock. 2- He said (original guy, not video) that it was his phone so he knew the password.
this has been a persistent issue in android since like 7 or 8. People have been using it to bypass factory reset protection (referring to sim card pins in android in general)
The reflections thing has been done if not with glasses before. I.e window reflections on security cam’s. Its not a generally reliable tactic beforehand but has popped up for finding identifying information before.
@@nathnathn It's cute that you think he was talking about the US. It's a universal fact amongst humans, they're lazy. I wouldn't call it corruption per se, but it's a select few that actually do their job and investigate crimes. The majority of good cops are beat cops who aren't even allowed to do the investigating and the actual detectives just halfass it. It's also cute that you think corruption is worse in the US than literally everywhere else.
Geez, that bug was present on my first Android phone that was running on 4.0.4, though. Restart, sim code, and you didn't need a password to access the phone. I wish I knew that I could get 70k for that.
The $70k look almost like a bribe to shut up. The act doesn't seem to be doing the right thing. If it was, then what with the silence treatment, no actions to fix, and the so-called "duplication" report.
I think if companies did try to start checking glasses reflections to monitor what their users are doing it could potentially be seen as a form of discrimination based on someone's health and land companies in some legal troubles
shix its not a thing yet , and ppl already label it a discrimination., companies don't gotta go this far to know wassup ,they'll just mandate software/keyloggers only staLKers would go this far and also measure the shadow of sunlight.etc..... we're fuxked as a species , when ppl are on crack all day to be this woke about everything
Interestingly, my phone Realme X7 with it's Android splinter also had this bug however, the moment you got into the main page however, it would immediately kick you off the page and send you back to lockscreen
If Project Zero can do 90-day deadlines, so can we. Probably right call to accept their release date, but also the right move to inform a vendor that public interest means you will disclose if they do not respond.
I kind of like the idea of having to wear polarizing glasses just to view what’s in the screen. I suppose that would be a mitigation to the reflection problem, though it’s still uncommon.
Astrophotographers use that same technique of overlaying hundreds of images to produce a single sharp image of a planet or nebula. Its not that far fetched (pun intended)
Actually, no. The process is significantly different both on what the source material is and how to get to the final result. The idea is the same, but the practical application is nothing alike.
I've always disliked Android's lock screen security, it honestly seems like older models can do it better while newer ones are setup in a way that favors the gov in case they need to break into your device
It is also included on the plastic card you have to punch the sim out of when you get it, also bear in mind the sim card lock and the PUK is tied to the SIM. Thus you do not need access to their SIM's PUK code, you simply need to be in possession of both the phone and a SIM with a sim lock set that you have the PUK code for, simply swap that in and bingo. Granted this doesn't let you bypass any SIM lock on their card so no sending or receiving future calls or texts to their number. But it does give you access to all data stored on the phone including any and all stored credentials with that information a social engineering attack on the mobile network to request a sim swap is likely to succeed in getting you the former too. Those credentials are likely to include sites that contain all of the customers personal information which could be used to trick customer service into believing you are them. You would likely be able to provide full name, address, phone numbers, email addresses, and likely answer detailed specific questions about their billing history with the phone company if they have their app installed etc, also last 4 digits of payment cards and bank accounts is likely to be available too. Suffice to say that is exactly the sort of information you need to get around phone based identity verification pretty much.
I always giggle at the way you say depreciated , it sounds like it's head is getting chopped off! Is that how it's normally pronounced? We say it very different in Australia
this doesnt seem to be an "encryption bypass" the device has to be in AFU to be unlocked (aka, after it has been decrypted in ram) as seen, when the device is in BFU (right after booting) it is not vulnrable to this, and just glitches out since it doesnt know how to decrypt the phone.
Wait a min, so google payed someone 100k for submitting a bug that they could not replicate and payed 70k for the same bug that was explained better? How did they know the bug was real if they cannot replicate to verify? Anyone can make shit up.
After trying on my Nokia X20. Well.... I tried it 5 times and I only got it to work once I guess. I think it works a little bit different on all phones and I messed up once and did it by accident.
i remember doing that to a samsung device about 8 years ago, at that time i was too naive to realise it was a security vuln, very funny seeing this pop back up
If Google patches it like that does that mean that it will go out to all other Android systems too how far back does this bug go can you do it with old cell phones
The way that was handled, almost sounds like he discovered a feature..
somehow that doesn't sound implausible 🤔
putting on my tinfoil hat.... a govermemt glowie feature
I'm sure it was actively being used by a 3 letter agency, likely in an active operation we'll hear about decades from now
@@MM-24 You won't hear about it.
Exactly my thoughts!
Theory: google actually put this as a backdoor access feature
Instructions unclear, phone boots into IOS now. Need itunes account.
🤣🤣🤣♥️
google sucks
I guess lock screen bypass was google's backdoor otherwise who would not take such critical yet easy vulnerability seriously 😁
Yeah was wondering the same thing. Would not be the first software caught with a backdoor.
Nah, Google has just never given a shit about their shitty products full of bugs, bloat, horrible UIs, and constant API changes for sake of change and keeping devs busy.
Ridiculous that David had to go to that extreme to get Google to move on it... can't say I'm entirely surprised though. And the reflection in someone's glasses is a big security problem if you consider that many people log into secure internal systems during video-conferences. The info on their screen could be all sorts of data... from login details to customer private data to confidential business info. Even worse if someone hacks into their webcam when they _aren't_ on a video call & can observe whatever they are working on.
Yes, everyone knew that, the way google acted. Likely, this "vulnerability" was being used in the spy community, and this revelation was probably going to mess up some crucial active operation
Use a password manager and signed certificates for internal systems.
I've personally used people's glasses reflection for my own benefit in the past playing Yu-Gi-Oh as a kid lol. I could see their hand and use that info to play accordingly. Fun times 😂
Only thing I find surprising in the case was that Google finally received the customer feedback and even bothered to fix the issue. Usually, Google hasn't given a shit about customer feedback nor particularly cared about issues in their products.
Update your body's firmware and get lasik surgery: bug patched 👍
I remember this CS:GO streamer was using wall hacks and you could see it in the reflection of his sunglasses lol
It has nothing to do with it🤣🤣🤣 you saw someone using csgo hack thats all
@@the-matrix-has-you I mean it kinda does have to do with the video. This comment is pretty funny!
@@the-matrix-has-you i mean its literally also reflection in sunglasses, so its somewhat related
@@the-matrix-has-you It has everything to do with it. The topic was literally recognizing what's on the screen through the reflection on the specs, which is exactly what happened in the situation OP describes. I mean how dumb you have to be to not understand it? *facepalm
@@garneet ok let me summarize what happened in video guy has input his pin code 3 times locks himself out of system and only way to gain Access again is a PUK code he put the PUK Code in but Android is hanging and not showing the security password area right so he tried the same procedure again to repeat the process after that he knew that he has found a bug in Android system so the videos Topic is a bug in Android System on Google Pixel Phones. Not about some CSGo lamer who is using wallhack and getting busted cause he was just dumb enough to wearing glasses while recording himself... I dont see a similarity between if you can see one you might be high Stop using it bro🤣🤣🤣
tried it on my Pixel 4a 5G...
even though it said that this bug was discovered on Pixel 6 & 5, apparently it does work for older phones as well
bugs are backwards compatible
just like modern phones can be destroyed with a tank, old phones can be destroyed too
@@fliporflop7119 not all bugs are backwards compatible
I tried this on my S10E Samsung and on October patch was still working, on November patch not.
If u don't get patch u already screwed
Woah im early
I was reading about this yesterday, I hadn’t thought about PUK codes for over 10 or 15 years until then. I wonder what made him even think of trying it, I don’t even know my current PUK code tbh. Great explainer, especially happy you shared this as it exposes how much google dragged their feet with this.
Yeah, it really shows how much any company actually cares whenever they talk about security or keeping users safe, then they proceed to give everyone an annoyed sigh saying they'll fix their problems.
Might be intentional
They could just reply to every bug reporter that their find was duplicate, nothing really stops it. Glad he got rewarded though
Many people announcing that would just decrease their credibility. So they can't abuse that. There is nothing stopping them from using it occassionally though.
I'm sure this was actually made by design, they were gently trying to communicate that it's likely being used actively by some 3 letter agency to defend the world or save Ukraine
@@MM-24 or likely neither of those
You should tell them you have the bug and then arrange the payment legally at a notary if they're interested before you demonstrating it.
Eventually people would just stop reporting bugs, it's much better for them to spend a tiny fraction of their yearly profits on paying out bug bounties. 70k is literally nothing to Google
It's worth mentioning that the sim attack does not "Decrypt" your phone, that's why the phone has to be on and not rebooted. Decryption happens on first entry after boot only. Afterwards it's just a password.
Thanks
I didn't get your point. In the video the phone *was* rebooted if I got it right?
@@TheSimoc he showed that when it rebooted it got stuck forever.
@@thethiny Yeah, had to rewatch the video.. actually there are severe gaps on the story.. Indeed the phone got "stuck forever" in first place when he needed to enter the PUK due to forgotten PIN.
Then, there was never mentioned any of those very relevant things:
- Why did that happen. It surely should have shown the lock screen.
- How did he get the phone working then. Supposedly by rebooting, which leaves the aforementioned as a mystery occurence, and subsequent details untold.
@@TheSimoc 1- this was the bug. When you enter sin pin code it takes you home and forgets to check lock screen, since lock screen is no longer needed after first unlock.
2- He said (original guy, not video) that it was his phone so he knew the password.
this has been a persistent issue in android since like 7 or 8. People have been using it to bypass factory reset protection
(referring to sim card pins in android in general)
"Let me know if your phone is vulnerable."
Nice try glowie
A patch for this was already developed by the Graphene OS team on June 13 but google didn't accept the patch.
That's pretty cool. Do you know what codebase has the lock screen? Kinda wanna see it now.
The reflections thing has been done if not with glasses before. I.e window reflections on security cam’s.
Its not a generally reliable tactic beforehand but has popped up for finding identifying information before.
Thats cute that you think police do any investigating.
@@forestcityfishing4749 you do know places other then the US exist?.
Though we do have our own corruption issues here there nothing like in the US.
@@nathnathn It's cute that you think he was talking about the US. It's a universal fact amongst humans, they're lazy. I wouldn't call it corruption per se, but it's a select few that actually do their job and investigate crimes. The majority of good cops are beat cops who aren't even allowed to do the investigating and the actual detectives just halfass it. It's also cute that you think corruption is worse in the US than literally everywhere else.
Geez, that bug was present on my first Android phone that was running on 4.0.4, though. Restart, sim code, and you didn't need a password to access the phone. I wish I knew that I could get 70k for that.
The $70k look almost like a bribe to shut up. The act doesn't seem to be doing the right thing. If it was, then what with the silence treatment, no actions to fix, and the so-called "duplication" report.
This has been a back door for android for a few years now, there are videos going far back on how to bypass 🔒 with the same sim method
or the one with the speech assistant and the help links that open chrome XD
@@SDogo many have came and gone, rip exploits 😂
@@SDogo yes but they need AFU mode to work. This work in BFU.
0:55 Your phone doesn't ask for the SIM pin code? Every phone I've ever owned in Germany has this as a feature I cannot turn off.
TIL I guess.
you can remove the SIM PIN code, then the phone won’t ask for ot
@@chri-k Why would you though, I wonder.
70k is way to low of a reward
I was able to recreate this on 2 different Samsung devices sooo....
"It is not a bug, it is a feature."
his simcode is 0000. lets be realistic , no1 changes sim pin.
This doesn't seem like an bug, it bypasses encryption .....
My oneplus 7 pro with android 11 and security patch from June 2022 is not vulnerable to the lockscreen bypass.
I think if companies did try to start checking glasses reflections to monitor what their users are doing it could potentially be seen as a form of discrimination based on someone's health and land companies in some legal troubles
shix its not a thing yet , and ppl already label it a discrimination., companies don't gotta go this far to know wassup ,they'll just mandate software/keyloggers only staLKers would go this far and also measure the shadow of sunlight.etc..... we're fuxked as a species , when ppl are on crack all day to be this woke about everything
Hacker: Spends days of there time trying to find a vulnerability.
Random researcher: oh nonono 🤣
Get off TikTok bud
@@rp479 huh?
Interestingly, my phone Realme X7 with it's Android splinter also had this bug however, the moment you got into the main page however, it would immediately kick you off the page and send you back to lockscreen
And this is proper, on Samsung S10e also show u main but lock you up after any interaction even plugin USB device.
If Project Zero can do 90-day deadlines, so can we.
Probably right call to accept their release date, but also the right move to inform a vendor that public interest means you will disclose if they do not respond.
Wow!!! "Google phone 7 has amazing security"
What if Google intentionally left the backdoor for govt? That's why they didn't fix it in time.
I kind of like the idea of having to wear polarizing glasses just to view what’s in the screen. I suppose that would be a mitigation to the reflection problem, though it’s still uncommon.
Astrophotographers use that same technique of overlaying hundreds of images to produce a single sharp image of a planet or nebula. Its not that far fetched (pun intended)
Actually, no. The process is significantly different both on what the source material is and how to get to the final result. The idea is the same, but the practical application is nothing alike.
i have potatovision 480p camera from 2000-2010 era (more or less) - i'm safe :)
I've always disliked Android's lock screen security, it honestly seems like older models can do it better while newer ones are setup in a way that favors the gov in case they need to break into your device
Why do you say that?
now my sim is locked and i lost my puk code, thanks
Big L for Google that they didn't handle it better.
No one is perfect
I remember similar exploits like this on the Galaxy S7.
Im using s7 edge right now, can you tell me how you did it?
$70,000? Holy shit, I mean it's Google, they basically print money.He had to be losing his mind once he got that email $70,000 babay
😂😂😂
This bypass even if release without a patch, will still need a working puk code though, which only telecom providers have access to.
It is also included on the plastic card you have to punch the sim out of when you get it, also bear in mind the sim card lock and the PUK is tied to the SIM. Thus you do not need access to their SIM's PUK code, you simply need to be in possession of both the phone and a SIM with a sim lock set that you have the PUK code for, simply swap that in and bingo. Granted this doesn't let you bypass any SIM lock on their card so no sending or receiving future calls or texts to their number. But it does give you access to all data stored on the phone including any and all stored credentials with that information a social engineering attack on the mobile network to request a sim swap is likely to succeed in getting you the former too. Those credentials are likely to include sites that contain all of the customers personal information which could be used to trick customer service into believing you are them. You would likely be able to provide full name, address, phone numbers, email addresses, and likely answer detailed specific questions about their billing history with the phone company if they have their app installed etc, also last 4 digits of payment cards and bank accounts is likely to be available too. Suffice to say that is exactly the sort of information you need to get around phone based identity verification pretty much.
new market for low-res webcams
Google is incompetent.
The US backdoor are closed xD
when one backdoor close, another opens
a bacwindow has been created as a replacement
and if not that, then at least back chimney 🤣
I always giggle at the way you say depreciated , it sounds like it's head is getting chopped off! Is that how it's normally pronounced? We say it very different in Australia
this doesnt seem to be an "encryption bypass"
the device has to be in AFU to be unlocked (aka, after it has been decrypted in ram)
as seen, when the device is in BFU (right after booting) it is not vulnrable to this, and just glitches out since it doesnt know how to decrypt the phone.
U don't need AFU, if u hear this after battery was depleted.
"Government and bad actors..."
Surely you meant "Government and OTHER bad actors"
Thank you for the informative video
My phone has like 10 Chinese malwares running on it, so this has to be the least of my worries at this point 😅
What if a phone doesn't have biometrics lock?
then skip that step
@@chri-k aight
the irony of me getting a Google Pixel ad on this 😂
This is why I like Samsung secure folder. I can at least put another pin in the way of stuff. Not much, but I appreciate the feature.
Same
Wait a min, so google payed someone 100k for submitting a bug that they could not replicate and payed 70k for the same bug that was explained better? How did they know the bug was real if they cannot replicate to verify? Anyone can make shit up.
i think there was a misunderstanding - first guy was likely not paid at all
There's probably a dozen Nigerian shop specializing in this exploit.
(Glad your friend David got his bounty tho 👍)
The first fucking time I’ve got an advertising it wasn’t for Google pixel but of course it was for fucking Google fiber
I just tried it on Redmi Note 7 Global on Lineage OS 18.1, doesn't work, just gets stuck on the lock screen
After trying on my Nokia X20. Well.... I tried it 5 times and I only got it to work once I guess. I think it works a little bit different on all phones and I messed up once and did it by accident.
There is no device that is secure, unless it is disconnected, powered off and hidden in a vault miles underground.
What if someone digs a tunnel underground and then drills through the vault?
Love the channel
The bug was left unpatched because law enforcement was actively using it.
I have tried in most Xiaomi device with A12 Thankfully its not working
i remember doing that to a samsung device about 8 years ago, at that time i was too naive to realise it was a security vuln, very funny seeing this pop back up
Yet another reason to not use Android
another reason not to use phones
There is also another unpached bug that's allows to suppress lockscreen. I also reported it and get similar answer.
i know a bug for all devices to bypass the pin and password get full access to everything
Dude using PUK code to bypass phone pin, been around since 2001
This is pretty bad lol so the SIM cards have authority over everything lol
Lolll google said they already received that bug report. Lolllll you believe that? They say that so they don’t have to pay
Lolll google said they already received that bug report. Lolllll you believe that? They say that so they don’t have to pay
8:10 This could apply today to livestreamers and content creators
8:58 *AMONG US?!*
(this is just a stupid joke. chill)
Wow you are late toooo much cmon...it is patched already🤦🤦🤦
If Google patches it like that does that mean that it will go out to all other Android systems too how far back does this bug go can you do it with old cell phones
TIL american SIM cards aren't protected by a PIN by default
using a pin locked sim to bypass lock screen and frp has been around for a little while now
The bug doesnt work on my tealme
Might have to start using non reflective glasses or contact lens
use white and black camera and very cheap one for best privacy or just don't use camera
Samsung phones aren't affected as for other OEMs not sure
Good thing my laptop's webcam is complete shit
Backdoor 100%. Also why he was ignored
who still has that thing with the puk on it from their sim card? i doubt i do... idek.
i dont buy this that it was a mistake, i think that it was left like that intentionally..
I think the way to get around peeking is to where contact lenses?
i got locked out of my phone today pls tell me a working way for the pin code
What about pattern lock, there is no way to put puk code in there.
... you could also just take of your glasses if you are near sighted (can't see things that are far away)
I use a dslr daily as my webcam, but I don’t wear glasses 😊
David=Randal from Recess✍️
I read this on twitter, and well he should be thankful to that google employee for giving her hairpin 😂
Wait you guys don't have to enter pin after every restart?
That looks like what was shown in the movie Eagle eye
Is the raid forums 2.0 a scam or is it legit?
5:49 - isn't that FTX's Sam (SBF)?
Time Google is shut down
me who doesn't have a sim card 😎
Well it didn't work for me .
I got a google pixel ad on this video.
This why we used to root out phones
Nokia has this bug?