When it comes to security of the Nexus devices. Google is practically living a nightmare. The most recent bug in that Google needs to fix is consumer-facing and exploitable without any geeky tricks. It seems the Nexus devices are vulnerable to an exploit that lets users bypass factory reset protection.
For the uninitiated - factory reset protection has been kept in place to help you to keep your device password protected in case someone tries to reset the factory settings. It is supposed to render the phone practically unusable without the password, but a work around has emerged that does the job by pressing series of buttons. Check out the video given below to see the exploit:
Google pushed a security patch that covered the fix for this issue, but RootJunky - the first person to report the bug - has come up with yet another video that shows vulnerability of the device in spite of the patch released in January.
Although it has become more difficult to exploit the loophole, it is still achievable.This essentially sends out a message that the development and quality testing are done thoroughly. Google might take more time to provide fix for this bug, as they would like to get it right in the next release.
It has been the hot thing to make kill switches for phones recently. Carriers have been asked by government agencies to do it, states are passing laws to require it, Apple did it, and now Google is implementing it in Android 5.0, Lollipop will come with an opt-in "Factory Reset Protection" option that keeps a thief from being able to wipe your phone, making it a less appealing target in the first place.
If you activate this feature, your Google login will be required to factory reset the phone or tablet. Presumably this will also prevent factory resets through recovery-otherwise it would be pretty useless. A secure lock screen of some sort will be required for this feature as well. The feature will be built-in on all Android Lollipop.