Security flaw discovered on Samsung Galaxy devices, (kind of) allows lock screen bypassing

Security flaw discovered on Samsung Galaxy devices, (kind of) allows lock screen bypassing
Although the following vulnerability is not likely to expose any sensitive data stored on one's smartphone, its a flaw that must be brought to people's attention. It has been discovered that the Samsung Galaxy Note II, Galaxy S III, and perhaps other of the maker's recent Android smartphones running version 4.1.2 of the OS are affected by a glitch that exposes their home screen for a fraction of a second even if the device is protected by a PIN or pattern.

The video below demonstrates how the hack is performed by accessing the "Emergency Call" menu from the pattern lock screen and then listing the user's ICE emergency contacts list. If the home button is pressed at that time, the home screen is displayed briefly, thus letting one launch applications, assuming their fingers are fast enough. In theory, that could allow someone to call contacts listed on Direct Dial widgets, or cause other kinds of trouble. We can confirm that the hack works on a Samsung Galaxy S III running Android 4.1.2.

Of course, the flaw is no cause for major panic, but it is one that definitely shouldn't be present on a device that is supposed to be secure. In case someone can confirm the presence of this vulnerability on other Samsung Android devices, let us know down in the comments!


Related phones

GALAXY Note II
  • Display 5.5" 720 x 1280 pixels
  • Camera 8 MP / 1.9 MP front
  • Processor Samsung Exynos 4 Quad, Quad-core, 1600 MHz
  • Storage 64 GB + microSDXC
  • Battery 3100 mAh(16h 3G talk time)
Galaxy S III
  • Display 4.8" 720 x 1280 pixels
  • Camera 8 MP / 1.9 MP front
  • Processor Samsung Exynos 4 Quad, Quad-core, 1400 MHz
  • Storage 32 GB + microSDXC
  • Battery 2100 mAh(11.60h 3G talk time)

FEATURED VIDEO

38 Comments

1. PapaSmurf

Posts: 10457; Member since: May 14, 2012

I will admit, it has happened ONCE, and that's because I was running Pandora, updating apps, and have Power Saving Mode on (idk why) but hasn't happened ever since. I just tried this on my GS3 and it didn't work.

11. Mxyzptlk unregistered

Security needs vast improvement.

20. PapaSmurf

Posts: 10457; Member since: May 14, 2012

I know in iOS 6. Tell Apple to fix that ASAP.

21. techspace

Posts: 1037; Member since: Sep 03, 2012

to be honest, i think apple ios will remain the most secure os for a long time and its easy to push in more, quicker security updates on ios forget about android not being secure, even we don't know how many things we do on our devices to make them even more insecure, especially with the custom builds(rooting) i am not talking about this minor issue(samsung's lock screen bypassing) , i am talking about android in general........we don't know about the future, but today android is more vulnerable

23. PapaSmurf

Posts: 10457; Member since: May 14, 2012

I'd have to give BB credit. Blackberry is probably in my book the most secure.

27. Mxyzptlk unregistered

Certainly not financially secure.

36. techspace

Posts: 1037; Member since: Sep 03, 2012

bb is vulnerable today, bb10 can be affected sooner or later ios and android are more popular and have a lot of apps, we can talk about bb if it remains as secure even after getting more apps and attention and the playbook can run malicious android apps as well

25. hiBreed

Posts: 90; Member since: May 29, 2012

Are u high on crack? Since when did ios become the most secure os. Blackberry would remain the most secure os, even if they had a 1 month holiday

34. techspace

Posts: 1037; Member since: Sep 03, 2012

bb pin to pin messages are insecure......every hacker is saying that bb is vulnerable, don't talk about the age old useless bb phones, look at the latest ones.....they are vulnerable today, anything could happen if bb becomes more popular and gets more attention(especially hacker's attention) like ios and android....we don't even know what will happen if they get hundreds of thousands of apps like ios and android talk about bb10,not about the useless older versions..... how can you say that its secure, you can say that after giving it sometime talking about older versions, bb playbook ran android apps and games.....even the ones that were malicious

35. techspace

Posts: 1037; Member since: Sep 03, 2012

wait for a couple of years, you will understand who is right and who is crack.....don't talk about what happened in the past when they had no attention, no proper OS like bb10 and bb services don't even work sometimes.... there were times when people like you said that mac os x was really very secure, what happened today? apple offers great security to ios, jailbreaking the phones is becoming harder and harder day by day, they are hiring many hackers, their hard work on ios is evident..there are almost a million apps and none of them have malware, even the ones that crept in were thrown away

26. ZeroCide

Posts: 813; Member since: Jan 09, 2013

Your comments need vast improvemant too.

22. techspace

Posts: 1037; Member since: Sep 03, 2012

is it working when you are on wifi and when you are on power saving mode? just try it and tell me.........and are you using the international version?

24. PapaSmurf

Posts: 10457; Member since: May 14, 2012

T-mobile Galaxy S3. I tried again. It works, but it only shows the homescreen for 1/16 of a second which really isn't an issue to me. All I have is the weather widget, camera, gmail, etc. and that's it. This little flaw doesn't affect me at all and don't care about it. Now getting to my text messages and such, that's a different story lol.

37. techspace

Posts: 1037; Member since: Sep 03, 2012

you are right, its not a serious problem.....and thank you for the info

2. hung2900

Posts: 966; Member since: Mar 02, 2012

Did Apple patent security lock flaws?

9. Mxyzptlk unregistered

Apple has nothing to do with the article.

18. tedkord

Posts: 17356; Member since: Jun 17, 2009

Sure they do. They're your motivation for posting in every Android article. They're your motivation for life, spreading the gospel of Apple.

33. nicholassss

Posts: 368; Member since: May 10, 2012

plus wasnt there news about a similar issue with iOS 6?

3. ama3654

Posts: 295; Member since: Nov 27, 2012

Just go to settings, lockscreen and use password(High Security), problem solved!

12. Mxyzptlk unregistered

That doesn't solve anything.

17. procopiojose

Posts: 132; Member since: Oct 26, 2012

nothing can be accessed from your phone anyway.. people can live with it.. once the lock screen get activated, any window behind it is closed..

4. Nathan_ingx

Posts: 4769; Member since: Mar 07, 2012

iOS 6.1.1 The pioneer of lock screen bypassing.

14. nlbates66

Posts: 328; Member since: Aug 15, 2012

wasn't it more like iOS 2.1 or iOS 4.1 that had the original glitch on iOS?

5. GALAXY-STORM

Posts: 328; Member since: Oct 13, 2012

Great idea, Just in case if i forget the pattern combination. Thanks

6. omarr

Posts: 149; Member since: Sep 15, 2012

Apple will sue them I am sure

7. spideyhead256

Posts: 148; Member since: Nov 05, 2012

Let the samsung flaming,and the down votes,COMMENCE! =P

8. thachlel

Posts: 75; Member since: Apr 20, 2012

FYI, set pin security is still the same as pattern! 4.1.2

10. dexter_jdr

Posts: 1163; Member since: Jun 28, 2012

*eats popcorn*

13. KParks23

Posts: 725; Member since: Oct 13, 2010

This woks as described just tried it not really a big deal as it only shows ur home screen for a split second but still should not happen

15. amozhi

Posts: 131; Member since: Oct 23, 2012

Nope it is not happening on my S3 (international version)

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.