Vulnerability allows bypassing of lockscreen in Samsung Galaxy devices

Earlier this month, a bug was discovered in the Samsung Galaxy Note II that could potentially let someone make calls and access apps even if the device was locked. Mobile enthusiast Terence Eden has now discovered a flaw in Samsung devices that run on Android 4.1.2. The previously discovered bug has led to this new one, which gives those with malicious intent even more control over Samsung devices, even when a lock is already set.

Eden has posted the steps to reproduce the bypass on his blog:

  • From the lock screen, hit the emergency call button.
  • Dial a non-existent emergency services number - e.g. 0.
  • Press the green dial icon.
  • Dismiss the error message.
  • Press the phone's back button.
  • The app's screen will be briefly displayed.
  • This is just about long enough to interact with the app.
  • Using this, you can run and interact with any app/widget/settings menu.
  • You can also use this to launch the dialler.
  • From there, you can dial any phone number (one digit at a time) and place a phone call.
  • With Google Play, you can search for apps using the voice interface.
  • You can download apps from the app store, which will disable the screen lock.

He has mentioned that there is a way to defend against this attack, at least partially. It is possible to reduce the amount of time the screen is displayed by disabling screen animations. To do so, go to Settings, Developer Options, where you can toggle window animation scale. You will have to do the same for Transition animation scale and Animator duration scale. This won't defend completely against the vulnerability, but one would need to be much quicker to pull it off.

Eden said that he had reported this flaw to Samsung in February, and that they are working on a patch which is set to come out shortly.

The original security flaw was discovered earlier this month by Eden. He added that the vulnerability can bypass security features like Pattern Lock, PIN, Password and Face Unlock activated on a user's phone. This means that "there is no way to secure your phone against your homescreen being accessed."

He says that one of the reasons he has made this discovery public is that the attack is of limited value. An unintended call will go through only if a user has a direct dial widget on the homescreen. Apps, too, go into the background. However, actions like recording or playing music will still go through if apps for those are accessed.

Of course, access to your phone's homescreen would give someone an insight into the kind of apps that you have downloaded, in addition to saved Calendar entries, if any.

Published Date: Mar 21, 2013 03:35 pm | Updated Date: Mar 21, 2013 03:35 pm