screen visible before unlocking

Added by Fil Lupin about 5 years ago

Hi there,
I recently realized that when locked and then attempting to unlock (first time only), the content of the screen is visible for a short time (about 1 second). This can show private informations.

Context :
- Replicant locked
- Settings/Security/Screen lock set to "Password"

Issue :
- Phone automatically locked after the configured time into settings
- When I wake up the phone (by pushing any button), the last screen show up for one second before asking for the password

Ideas :
- It seems optimization (double buffering content of the unlocked screen) collides with security there. The solution could probably that when locking the phone, replicant erase the screen buffer if unlocking needs a password/SIM/etc.

Replies (5)

RE: screen visible before unlocking - Added by Fil Lupin about 5 years ago

Any idea ? Is my question clear or can I make it clearer ? :)

RE: screen visible before unlocking - Added by My Self about 5 years ago

Any idea?

This seems to be the case, because Android > CyanogenMod > Replicant often taking screenshots - even before the devices go to sleep. The screenshots are the base of the "screen-off animation" for example, and will be taken for other parts like the mini-preview of all your opened (background-)apps inside the "recent apps switcher"...
The problem comes up, because Replicant does not provide the proprietary accelerated graphics drivers and so can't take screenshots.
(You can test that it is not possible, if you take a screenshot by yourself. The error occurs, that the screenshot could not be saved).
So Replicant want to show you it's beautiful faded screen-on animation if you wake the device, but has no screenshot to do so. So you get the (very short) look at the raw screen, as it was before the device went to sleep.

I personally has installed the proprietary accelerated graphics drivers, (the "why?" can you read here): (of course - this is not recommended).
One of the side effects are, that I don't have this behavior (you described) anymore, because I also can take screenshots now.

I think, here could be some programming work necessary, to avoid this behavior on devices without that proprietary drivers, (in other words on Replicant).
Probably it does make sense, to open an issue for that security related problem?

RE: screen visible before unlocking - Added by Paul Kocialkowski about 5 years ago

Oh, I thought this was because the framebuffer is only updated moments after the backlight goes up again.

I'm pretty sure we have fully disabled the animations, so I'm not entirely sure it has to do with screenshots. I quick way to find out would be to write a black image to the framebuffer when the backlight is off and see if the previous screen still shows up or not.

This is a bug that is worth fixing. Please open a ticket about it so that we can keep track of it!

RE: screen visible before unlocking - Added by My Self about 5 years ago

I'm pretty sure we have fully disabled the animations [...]

I don't know. All I realized after "installing" the proprietary accelerated graphics driver-files was, that the (Phaser Beam) "Screen-off animation" (under Settings -> Display, which is enabled by default on Replicant) worked out of the box.

I've opened a ticket for that:
@"Fil Lupin": You can "Watch (star)" the ticket if you like, to keep informed about the progress.