Galaxy Note 2 lock screen

As Samsung security vulnerabilities go, this one's relatively minor. Nevertheless, if you're using lock screen security on the Galaxy Note 2, this latest loophole is something you should be aware of. Blogger Terence Eden has discovered a way to briefly bypass lock screen security on Samsung's 5.5-incher, momentarily allowing access to the home screen.

By hitting "emergency call," then "emergency contacts," then holding the home button, the main home screen becomes visible for around a second -- just enough time to load an app, before reverting back to the lock screen. This dismisses any app that's loaded, but if a direct dial shortcut is placed on the home screen then it's possible to activate this and make a call, bypassing the lock screen security. Using this method it could also be possible to load up email or SMS apps for long enough to get an overview of sensitive messages.

So this certainly isn't anywhere near as serious as the Exynos kernel vulnerability or USSD code hacks that came to light late last year, but it's probably something that should be fixed. Until then, if you're concerned about folks breaking past your lock screen security, you could avoid placing direct dial shortcuts on your main home screen. (Or alternatively keep your phone away from people you don't trust.)

We've got Eden's original video after the break.

Source: Terence Eden; via: Engadget

 
There are 6 comments

Synycalwon says:

Using a PIN lock on my Verizon Note 2 and it does this with a regular press on either the home button or the back button. It flashes the home screen so fast though (less than a second) I can never actually get anything to launch. So even if someone could launch an app, it seems highly unlikely they'd have enough time to actually see any info in it.

Anyway, it's highly unlikely someone would get physical access to my phone as I'm extremely protective of "My precious"! :P Even if they did, besides getting a brief glimpse of my awesome home screen, the most they could do is dial my two emergency contacts. :O

x-ware says:

I'm so sorry to bring you even worse news to Samsung + Android users, but I have an Galaxy S3 and I tried to reproduce this issue and guess what ? I can even broke the whole security, just follow this steps on your Galaxy S3 phone:

1. On the lock screen select "Emergency Call"
2. Select Emergency Contacts
3. Hold Home button for 3 secs (aprox)
4. Push several times the Home button and voila! Now you have access to the WHOLE PHONE !

So... Samsung... Help will be appreciated ASAP !

Synycalwon says:

Doesn't work on my Note 2.

ARich91 says:

If I do this on my Note 2 I can see my homescreen like in the video in the article, but it still just goes back to the lock screen

discdoc says:

I only wish that this was the only problem. Since the last update, there are numerous issues with the phone, including decreased battery performance, lagging screens, auto-brightness issues, Exchange problems, Home Button now brings up the Task Killer... the list goes on and on. I'm not the only one experiencing these problems... and a factory reset does NOT correct them. Too bad... the Note II went from being my all-time favorite, to just another quirky phone :-(

GMJeff says:

From what I have seen after the last update was just a issue with wifi not connecting properly.

No battery issues, it appears to be the same as it was when new. My screens don't lag. Not sure about the exchange issues as I do not use it.

Also, as far as I know, the task killer from the home button thing was there when I bought the note 2 new, or in the first jelly bean upgrade. Besides, it is easy to remember that a tap goes to home, hold the button to bring up the task killer. I use it a lot, so the easier to get to, the better. Saves me time and multiple screen taps.

I have had my note 2 since release and the wifi thing was my biggest problem. I had to solve that by doing a factory reset from the recovery console after wiping the dalvik cache first. Has worked fine since.