Closed Bug 1158083 Opened 9 years ago Closed 9 years ago

[Lock Screen]If you press power key twice, the time waiting for next round of retry will be reset.

Categories

(Firefox OS Graveyard :: Gaia::System::Lockscreen, defect)

ARM
Gonk (Firefox OS)
defect
Not set
normal

Tracking

(b2g-v2.2 affected, b2g-master affected)

RESOLVED WORKSFORME
Tracking Status
b2g-v2.2 --- affected
b2g-master --- affected

People

(Reporter: yi.zou, Unassigned, NeedInfo)

Details

(Whiteboard: [2.2-nexus-5-l])

Attachments

(2 files)

Attached video 0445.MP4
[1.Description]: [Nexus5 v2.2&v3.0][Flame v2.2&v3.0]If you press power key twice, the time waiting for next round of retry to input password will be reset. Found time:04:45 Attachment:0445.MP4,logcat-0445.txt [2.Testing Steps]: 1. Set lock screen. 2. Press power key for twice. 3. Input wrong password at least 15 times. ** You must wait for a while and retry after you input the wrong password many times. 4. Press power key for twice. [3.Expected Result]: 4. When you press power key for twice, the time waiting for next round of retry to input password will not be reset. [4.Actual Result]: 3. You don't need to wait and can retry inputting password if you press power key twice. [5.Reproduction build]: N5 v2.2 build(Affected): Build ID 20150423002502 Gaia Revision b838d0e7c163e66660dcb6e387d8339944a7a30e Gaia Date 2015-04-23 02:32:46 Gecko Revision https://hg.mozilla.org/releases/mozilla-b2g37_v2_2/rev/8dce56574f28 Gecko Version 37.0 Device Name hammerhead Firmware(Release) 5.1 Firmware(Incremental) eng.cltbld.20150423.035409 Firmware Date Thu Apr 23 03:54:27 EDT 2015 Bootloader HHZ12f Nexus_5 3.0 build(Affected): Build ID 20150423160207 Gaia Revision 0c5e2ee1173f3c53379ef3cd10de714836258fe8 Gaia Date 2015-04-23 16:10:10 Gecko Revision https://hg.mozilla.org/mozilla-central/rev/22a157f7feb7 Gecko Version 40.0a1 Device Name hammerhead Firmware(Release) 5.1 Firmware(Incremental) eng.cltbld.20150423.192918 Firmware Date Thu Apr 23 19:29:36 EDT 2015 Bootloader HHZ12f FLame 2.2(Affected): Build ID 20150423002502 Gaia Revision b838d0e7c163e66660dcb6e387d8339944a7a30e Gaia Date 2015-04-23 02:32:46 Gecko Revision https://hg.mozilla.org/releases/mozilla-b2g37_v2_2/rev/8dce56574f28 Gecko Version 37.0 Device Name flame Firmware(Release) 4.4.2 Firmware(Incremental) eng.cltbld.20150423.035703 Firmware Date Thu Apr 23 03:57:16 EDT 2015 Bootloader L1TC000118D0 Flame 3.0(Affected): Build ID 20150423160207 Gaia Revision 0c5e2ee1173f3c53379ef3cd10de714836258fe8 Gaia Date 2015-04-23 16:10:10 Gecko Revision https://hg.mozilla.org/mozilla-central/rev/22a157f7feb7 Gecko Version 40.0a1 Device Name flame Firmware(Release) 4.4.2 Firmware(Incremental) eng.cltbld.20150423.193607 Firmware Date Thu Apr 23 19:36:18 EDT 2015 Bootloader L1TC000118D0 [6.Reproduction Frequency]: Always Recurrence,5/5 [7.TCID]: Free Test
Attached file logcat-0445.txt
According to https://bugzilla.mozilla.org/show_bug.cgi?id=1090758#c3, if user input wrong pwd more and more times, the delay time will be doubled for every attempt. So, if user can reset the delay by locking&unlocking device, the design will be meaningless. In other words, if device is stolen, the non-owner can try to input possible pwd constantly using the bug. So, it is also a security problem.
FWD to system frontend.
Flags: needinfo?(hcheng)
After pressing power button twice, actually the timer is not reset if you press a wrong password again. However, I would agree that user should not be able to input password immediately after back from power button which leaves a backdoor for the timer design. Maybe, we can grey out the keyboard until the time is up, but this UX design would be really bad. NI developer and UX owner for more input.
Flags: needinfo?(pla)
Flags: needinfo?(hcheng)
Flags: needinfo?(arthur.chen)
Redirect to Greg who is working on lock screen.
Flags: needinfo?(arthur.chen) → needinfo?(gweng)
While I may fix this, I think this is a bug from very old version. So we may need to add regression window wanted to make sure if it's a regression. However, maybe because security bug is first priority, whether it's a regression isn't so important.
Flags: needinfo?(gweng)
When you enter the passcode incorrectly, the dots as well as input fields turn red. Perhaps it can just reuse this state after the user presses the power button twice, and slides the unlock control to show the passcode screen again? needinfo Rob for opinion.
Flags: needinfo?(pla) → needinfo?(rmacdonald)
This bug can not be repro on latest Aries KK v2.5&master and Flame KK v2.2&2.5&master 512mb, so I close this bug, if anyone can repro it, please reopen again, thanks. Occurrence rate: 0/10 Device: Aries KK v2.5(Pass) Build ID 20151208121136 Gaia Revision 2d54c29f429bed790b5d8284633812dc2b782518 Gaia Date 2015-12-02 14:41:15 Gecko Revision http://hg.mozilla.org/releases/mozilla-b2g44_v2_5/rev/ff31a251b2f6149edf4fc0a199133ef2e190ceac Gecko Version 44.0a2 Device Name aries Firmware(Release) 4.4.2 Firmware(Incremental) eng.worker.20151208.111803 Firmware Date Tue Dec 8 11:18:12 UTC 2015 Bootloader s1 Device: Aries KK master(Pass) Build ID 20151208222037 Gaia Revision 6b430ea7274af4c352de16b75e6bb85d7621ca83 Gaia Date 2015-12-08 06:31:07 Gecko Revision https://hg.mozilla.org/mozilla-central/rev/a8965ae93c5d098a4f91ad9da72150bb43df07a7 Gecko Version 45.0a1 Device Name aries Firmware(Release) 4.4.2 Firmware(Incremental) eng.worker.20151208.213715 Firmware Date Tue Dec 8 21:37:23 UTC 2015 Bootloader s1 Device: Flame KK v2.2 512mb(Pass) Build ID 20151206032510 Gaia Revision 885647d92208fb67574ced44004ab2f29d23cb45 Gaia Date 2015-10-07 13:05:24 Gecko Revision https://hg.mozilla.org/releases/mozilla-b2g37_v2_2/rev/4381c4b69b9c Gecko Version 37.0 Device Name flame Firmware(Release) 4.4.2 Firmware(Incremental) eng.cltbld.20151206.064607 Firmware Date Sun Dec 6 06:46:19 EST 2015 Firmware Version V18D V4 Bootloader L1TC000118D0 Device: Flame KK v2.5 512mb(Pass) Build ID 20151208120554 Gaia Revision 2d54c29f429bed790b5d8284633812dc2b782518 Gaia Date 2015-12-02 14:41:15 Gecko Revision http://hg.mozilla.org/releases/mozilla-b2g44_v2_5/rev/ff31a251b2f6149edf4fc0a199133ef2e190ceac Gecko Version 44.0a2 Device Name flame Firmware(Release) 4.4.2 Firmware(Incremental) eng.worker.20151208.111719 Firmware Date Tue Dec 8 11:17:29 UTC 2015 Firmware Version V18D V4 Bootloader L1TC000118D0 Device: Flame KK master 512mb(Pass) Build ID 20151207150206 Gaia Revision 24ed003a53a81f63367e265fa7117cbe7d23d4c8 Gaia Date 2015-12-07 03:36:55 Gecko Revision https://hg.mozilla.org/mozilla-central/rev/59bc3c7a83de7ffb611203912a7da6ad84535a5a Gecko Version 45.0a1 Device Name flame Firmware(Release) 4.4.2 Firmware(Incremental) eng.cltbld.20151207.185638 Firmware Date Mon Dec 7 18:56:50 EST 2015 Firmware Version V18D V4 Bootloader L1TC000118D0
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WORKSFORME
QA Whiteboard: [MGSEI-Triage+]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: