updated 10:35 pm EST, Fri November 11, 2011
Galaxy Nexus may show possible face unlock trick
An Indonesian test (video below) of the Galaxy Nexus may have uncovered an exploit in Android 4.0's face unlock feature. Despite claims by Google's Developer Advocate Tim Bray that it required a live person to unlock the phone just by staring at the front camera, SoyaCincau has shown that it appears to respond to a static photo, in this case one sitting on Samsung' own Galaxy Note. To prove it, the site tried the unlock three times in a row.
Some concern has existed over the authenticity of the trick, with some accusing the site of using the photo to set up the initial recognition and make it easy for the Galaxy Nexus to recognize the same image. The site rejected this and pointed to its earlier hands-on video as proof, where the photographer clearly set up the face recognition from the phone and not a photo.
While there's no guarantee that the photo method would be reliable, that it works at all could prove a potentially serious vulnerability, albeit in limited situations. Those who want to compromise a phone in person and who know the owner's face, or who even make a good guess based on an Internet image, could have a crack simpler than a pattern or PIN code. Owners who are in situations where a face unlock hack might be realistic will still have a simple workaround in using a standard code or pattern.
Google hasn't responded to the discovery. The Galaxy Nexus and Android 4.0 are slated to arrive as soon as next week. [via The Next Web]