As Samsung security vulnerabilities go, this one's relatively minor. Nevertheless, if you're using lock screen security on the Galaxy Note 2, this latest loophole is something you should be aware of. Blogger Terence Eden has discovered a way to briefly bypass lock screen security on Samsung's 5.5-incher, momentarily allowing access to the home screen.
By hitting "emergency call," then "emergency contacts," then holding the home button, the main home screen becomes visible for around a second -- just enough time to load an app, before reverting back to the lock screen. This dismisses any app that's loaded, but if a direct dial shortcut is placed on the home screen then it's possible to activate this and make a call, bypassing the lock screen security. Using this method it could also be possible to load up email or SMS apps for long enough to get an overview of sensitive messages.
So this certainly isn't anywhere near as serious as the Exynos kernel vulnerability or USSD code hacks that came to light late last year, but it's probably something that should be fixed. Until then, if you're concerned about folks breaking past your lock screen security, you could avoid placing direct dial shortcuts on your main home screen. (Or alternatively keep your phone away from people you don't trust.)
We've got Eden's original video after the break.
- Related devices: