Vulnerability for Asus app “App Locker” found!
So, one of the great things about writing for the blog is being able to converse with the many people who share a similar passion to me. Which is why I love seeing your comments and replies on here and on G+. I try to reply to as many as possible!
We also get some feedback and tips. A few days back I got a tip from one of our readers in Montreal, Sivan. (You know her? Everybody knows Sivan – she once made an ICS Android cake.)
She suggested I look into a bug her son found on her Transformer Prime.
As the story unfolds, just about every Transformer tablet comes with an app called “App Locker”, which is a great little app to help password-protect a single app on your tablet. Sivan was using it to lock out the Play Store, so her kids wouldn’t buy tons of games on her credit card. (Smart idea, wonder why I didn’t think of it sooner. I don’t know how many times I’ve been able to notice that “purchase key” pop up on my phone when my son plays Cut the Rope.)
Well, kids being ingenious as they are, hers somehow entered a magical combination that wasn’t the password, which borked App Locker. This caused it to force close and then allowed the Play Store to load normally. The magical combination? Just a simple emoticon.
:-[
I was sceptical. Some random emoticon, something so simple, was able to outmanoeuvre a security app? So I had to give it a try.
Kid was right.
So, in the video you see me trying out both AnySoft Keyboard and SwiftKey keyboard; and I’ve tried it out with Thumb Keyboard and the Asus one as well. If your keyboard is able to reproduce the emoticon :-[ then it’ll crash the app and gain you access to what it was blocking. Some keyboards allow it to crash on other emoticons… depends on what you have.
The photos show the app in the app tray, then locking the Play Store, then you’ll notice in the app tray, the Play Store now has a lock icon on it. Clicking on the Play Store brings up the App Locker password screen. When you enter the emoticon it crashes the app, opening the Play Store.
I think it has something to do with one press being able to enter in multiple items (yet a doesn’t crash it… weird) in a single keystroke that causes it to go kerplooey.
The weird thing is that App Locker still thinks that it’s doing its job. If your kid does this to your tablet, you’ll still see the lock icon on the app (the notification may or may not be there, depends), and if you open App Locker it’ll say it’s still activated. The only way to make sure it is, is to de-activate it, then re-activate it.
I’ve contacted Asus about this bug and I’ll let you know when I hear some answers.
I don’t normally like to report on bugs or something like that as I know it can be cause for that whole FUD (fear, uncertainty, doubt), but I’ve tested it. It happens. And, especially in the case of handing over your tablet to a child who presses a lot of things, chances are they could buy some app on Play Store. That could cost you money. Sure it may not be the most expensive app (like that Vuvuzela one), but the scare for me is that even though it’s been compromised, it still acts as though everything is fine.
If you have this issue on your tablet, I recommend setting up a PIN in the Play Store app to stop it buying stuff without the proper PIN (I haven’t been able to crash that). But if you’re protecting some other app, you might want to take a look at another security app in the interim (i.e. until Asus can find the bug and fix it).
So, do you have an Asus tablet with App Locker? Give it a try and see if you can reproduce the issue as well.
Do you use App Locker? I didn’t until this was pointed out.