Security flaw discovered on Samsung Galaxy devices, (kind of) allows lock screen bypassing

Security flaw discovered on Samsung Galaxy devices, (kind of) allows lock screen bypassing
Although the following vulnerability is not likely to expose any sensitive data stored on one's smartphone, its a flaw that must be brought to people's attention. It has been discovered that the Samsung Galaxy Note II, Galaxy S III, and perhaps other of the maker's recent Android smartphones running version 4.1.2 of the OS are affected by a glitch that exposes their home screen for a fraction of a second even if the device is protected by a PIN or pattern.

The video below demonstrates how the hack is performed by accessing the "Emergency Call" menu from the pattern lock screen and then listing the user's ICE emergency contacts list. If the home button is pressed at that time, the home screen is displayed briefly, thus letting one launch applications, assuming their fingers are fast enough. In theory, that could allow someone to call contacts listed on Direct Dial widgets, or cause other kinds of trouble. We can confirm that the hack works on a Samsung Galaxy S III running Android 4.1.2.

Of course, the flaw is no cause for major panic, but it is one that definitely shouldn't be present on a device that is supposed to be secure. In case someone can confirm the presence of this vulnerability on other Samsung Android devices, let us know down in the comments!


Related phones

GALAXY Note II
  • Display 5.5 inches 1280 x 720 pixels
  • Camera 8 MP (Single camera) 1.9 MP front
  • Hardware Samsung Exynos 4 Quad 2GB RAM
  • Storage 64GB, microSDXC
  • Battery 3100 mAh
  • OS Android 4.4.2 Samsung TouchWiz UI
Galaxy S III
  • Display 4.8 inches 1280 x 720 pixels
  • Camera 8 MP (Single camera) 1.9 MP front
  • Hardware Samsung Exynos 4 Quad 1GB RAM
  • Storage 32GB, microSDXC
  • Battery 2100 mAh
  • OS Android 4.3 Samsung TouchWiz UI

FEATURED VIDEO

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless