Samsung's Galaxy Note II the latest to fall victim to lock screen flaw

[Shawn Knight]

It seems Apple isn’t the only smartphone provider that’s having trouble as of late with lock screen flaws as we are now hearing word that Samsung’s Galaxy Note II is suffering from similar issues. Mobile enthusiast Terence Eden said he was able to bypass the phone’s lock screen, view the home screen and make calls under certain circumstances without unlocking the handset.

The flaw was tested on a Note II N7100 with Android version 4.1.2 installed which is the latest version available in the UK. In order to perform the workaround, you’ll first need to lock the device using a pattern lock, PIN or password. From there, activate the lock screen, tap Emergency Call, then press the ICE button on the bottom left, hold down the physical home key for a few seconds then release.

The phone’s home screen will be displayed briefly. During this time, you can click on an app or widget to launch it. In the event that the Direct Dial widget is on the home screen, the phone will initiate a call.

Eden is the first to admit the vulnerability is limited in scope which is one of the reasons he decided to disclose it. Making a call relies on the Direct Dial widget being present on the home screen and running apps does little more than launch them in the background. Should the app perform a function upon launch like playing music or turning on the phone’s flash, that event will still happen as it normally would.

As of writing, there doesn’t appear to be any way to protect your handset against the home screen being accessed. Eden does, however, offer up some suggestions such as not using the Direct Dial widget, removing any calendar or e-mail widgets that may show sensitive information on the home screen and using an app locker that will ask for a password when an app is launched. Note that changing to a different launcher will not help nor will using a third party lock screen if it accesses the emergency dialer.

Permalink to story.

https://www.techspot.com/news/51822-samsungs-galaxy-note-ii-the-latest-to-fall-victim-to-lock-screen-flaw.html

 

[treeski]

First they copy icons, then they copy lock screen security issues... what's next?! /s

 

[Julien]

Interesting. My note 2 is fully up-to-date and has no such issues.

 

[Guest]

This is problem is related to the Touch Wiz lock screen. Which is frustrating because wasn't it Google's plan to get rid of this, HTC Sense and other overlays since 4.0? I am glad I run stock android on all my devices including my Note 2...

 

[highlander84]

Interesting this only applies if someone finds your lost phone (in which case your a *****) or someone steals it. Either way under normal circumstances this is a no problem for 99% of people.

 

[Tygerstrike]

The best thing you can do is download any number of apps that allow you to find your phone. This becomes INCREDIBLY usefull when you figure the phones run anywhere from 400-800 dollars. I use a app that finds my iphone and completly locks my information down. I lost my phone in a casino and used the app to track it down.

 

[Trillionsin]

I tried this on my Note II. I could not get anything started above the lock screen. There were a few programs, apps as you will, to run.. but the lockscreen still came up and blocked them.... so, sure there may be a flaw... but I really dont see anyone getting anywhere with this.

 

[MrBlkfx1]

Yeah, doesn't work on my Note II. However, I am running a custom AOSP rom. So, maybe it only happens with stock TW builds.

 

[MonsterZero]

Galaxy note II on att with 4.1.2 - I can see the home screen for a brief second and can launch an app if I press quickyl, but I as Trillionsin said, the lock screen still blocks access to the device.

Also hes not using a pin lock, hes using pattern unlock which is not as secure.