A security flaw was discovered in Samsung's Galaxy Note 2 earlier this week, allowing someone to bypass the device's lock screen. Today, it's been confirmed that the Galaxy S3 smartphone is also vulnerable to the same attack, in a much more serious way.
The security flaw was first discovered by mobile enthusiast Terence Eden, who found that you can bypass the lock screen by quickly tapping on the right buttons. Using this technique, one can potentially make calls, access a server, and read emails.
Security researcher Sean McMillan has now confirmed that the invasive technique also applies to Galaxy S3 phones. Regardless of whether the device is using a passcode, pattern, PIN, or facial recognition method to lock the home screen, an attacker with physical access to the device can access just about any aspect of the phone.
In his tests, McMillan was able to view images taken with the phone's camera, make calls, send and receive text messages, and access social networking and email accounts. He does admit that it is a difficult to exploit this vulnerability, his tests took up to 20 attempts to get past the lock screen, but it has so far worked on every Galaxy S3 he has tried.
The flaw relies on the phone's Emergency Call functionality, a mandatory feature that allows you to bypass the lock screen in order to make calls to pre-listed emergency numbers. It also only works on Samsung devices running the TouchWiz version of the Android platform, so as far as we know now, it doesn't effect phones from other manufacturers.
Samsung has yet to announce a timeline for fixing this issue, nor has it even officially acknowledged the vulnerability. While it may not be a massive issue, it's still definitely worth keeping a close eye on your phone until this problem gets resolved.
- Contribute to this Story:
- Send us a tip
- Send us a photo or video
- Suggest a correction
