Factory Reset Protection Bypass Found for Nexus Devices With May Security Update: Report

Advertisement
By Abhinav Lal | Updated: 6 May 2016 17:02 IST
Highlights
  • The bypass method is complex, involving over a dozen steps.
  • With the method, thieves can completely reset a stolen device.
  • The bypass was supposedly reported to Google, and allegedly dismissed.

An Android security researcher has found a way to bypass the factory reset protection (FRP) in the latest Android 6.0.1 Marshmallow build complete with the latest May Android Security Update.

While it's a complicated process, the method detailed by RootJunky apparently manages to bypass the factory reset protection system on the Huawei-made Nexus 6P. The researcher has detailed the bypass, meant specifically for Nexus devices, in a YouTube video seen later in the article.

Advertisement

RootJunky explains that when Nexus users (or thieves) have reset their smartphones, they can skip the FRP check by disconnecting the Wi-Fi they're currently connected to. Once they have done so, they can then create a Google account by using a special apk file and the preloaded Chrome browser. After they have signed into the new account, and the phone syncs to the account, they can then reset the smartphone again - but this time, they know the password to the account the smartphone is associated with, and will have full access to the smartphone.

To recall, Google first introduced Factory Reset Protection, also known as Device Protection, with Android 5.1 Lollipop. The system is meant to ensure that if an Android device has been stolen, the thief cannot gain full access to the device even after factory resetting it. 

Advertisement

The researcher says he submitted this bypass, which he says works on Nexus devices with older security patches as well, to Google along with other privilege escalation methods as security risks. Google however did not acknowledge the bypass to be a real security risk. Of course, while the method is complex, it is not so complex that determined smartphone thieves cannot use it to reset a large number of stolen devices.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. OnePlus Exits US, Europe, Continues Operations in India: 5 Things to Know
  2. Infinix Xpad 30 Pro Retail Listing Reveals Specifications, Hints at Imminent Launch
  3. OnePlus Phones Will Soon Run on ColorOS 17 Instead of OxygenOS
  4. Oppo, OnePlus Could Equip New Phones With a 10,000mAh Battery
  5. Apple Back to School Sale: Grab These Deals on MacBook, iPad Models
  1. EU Regulator Exempts Smartwatches, Other Wearables From User-Replaceable Battery Mandate
  2. The Duskbloods' Closed Network Playtest Will Take Place in August, FromSoftware Confirms
  3. Skullcandy Crusher 1080 ANC Announced With With Bose Audio, Up to 60-Hour Battery: Price, Features
  4. Infinix Xpad 30 Pro Listed on Retail Website With 11-Inch 2.5K Display and 8,200mAh Battery
  5. iPad Mini With OLED Screen to Reportedly Launch in October as Apple Prepares Base iPad, iPad Air Refreshes
  6. Google Rebrands NotebookLM as Gemini Notebook; Brings Cloud Computing and Search Integration
  7. Samsung Music Studio 5, Music Studio 7 Wi-Fi Speakers Launched in India
  8. Ostium Suspends Trading Following Oracle Security Incident Drains Millions
  9. Oppo’s New A Series, Upcoming OnePlus Mid-Range Smartphones Tipped to Launch With 10,000mAh Batteries
  10. WhatsApp Reportedly Rolls Out Mic Mode Controls for iPhone Calls
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.