Samsung Galaxy S III flaw bypasses lock screen (again)
Several days ago, a flaw in the Samsung Galaxy S III interface was discovered allowing access to the phone's home screen even when a PIN or pattern lock screen was enabled. That hack, however, didn't seem as much of a threat given how little time one had to actually do something naughty with the targeted device. Yet now, another vulnerability that works in a similar fashion has been found and it pretty much bypasses the lock screen indefinitely. And that's a pretty serious privacy concern.
Here's how the hack works: from the lock screen press the "Emergency Call" button at the bottom. Then quickly press the emergency contacts button (bottom left), then the home button and then the lock key. If done properly, the next time the lock key is pressed it will take you to the Samsung Galaxy S III home screen.
Note that this hack does not work every time. First time we tried bypassing our Galaxy S III lock screen it took us about 10 minutes of trying. But then we got the hang of it and managed to hack it within 10 attempts. Also, the one who discovered the vulnerability notes that having screen auto-rotation enabled increases the chances of the hack to work. Strangely, although the hack gives access to all apps and home screens, the notification bar remains inaccessible. This flaw appears to affect Samsung Galaxy S III units running Android 4.1.2. (UPDATE: Samsung Galaxy Note II is vulnerable as well.)
So all of you, guys, holding on to a Samsung Galaxy S III protected by a PIN or pattern, keep in mind that it isn't as secure as it should be. Hopefully, Samsung will address the issue in a timely manner.