Bug bypasses lock screen on Samsung Galaxy S3, Note 2

March 6, 2013

samsung-galaxy-s3

The lock screen of your smartphone that supposedly keeps confidential info from prying eyes turns out to be not so reliable after all. A bug has been discovered that lets users take a sneak peek of the home screen of the Samsung Galaxy Note 2. Worse, a similar bug completely allows bypassing and gain control of the Samsung Galaxy S3.

Mobile enthusiast Terence Eden first discovered the Note 2 bug and posted a complete exposé of the issue on his personal blog, after learning that South Korean smartphone giant Samsung does not have a dedicated disclosure team. Several types of lock screens, specifically Pattern Lock, PIN, Face Unlock, and even the most secure Password, are affected. Eden even went on to say that “there is no way to secure your phone.” To confirm his theory, you can follow the steps below and invoke the bug on your own device.

  1. Lock the device using the affected security types mentioned above.
  2. Turn the screen on.
  3. Tap Emergency call.
  4. Tap the ICE – emergency contacts button on the bottom left.
  5. Press the Home button.
  6. Quickly tap on an app/widget displayed on the home screen. For example, a direct dial widget allows calling a person without unlocking the phone.

I successfully replicated the bug myself using my Note 2 (model number GT-N7100) running on the latest Android 4.1.2. Pressing the Home button while the emergency contacts are displayed gives me a short glimpse of my phone’s home screen. Depending on what widgets or apps are present on the active home screen, the bug can be relatively harmless or – as Eden puts it – an attack that is of limited value and scope. Nonetheless, even using a different launcher or a 3rd party lock screen does not help protecting the device against the emergency dialer bug.

Only a few days after Eden revealed this security flaw, another smartphone owner disclosed a similar bug affecting Galaxy S3 devices. Sean McMillan posted on the Full Disclosure mailing list a summary and steps on bypassing the lock screen, described below:

  1. Tap Emergency call on the lock screen.
  2. Tap the ICE – emergency contacts button.
  3. Press the Home button once.
  4. Immediately press the power button after performing step 3.
  5. If the bug has occurred, pressing the power button the second time directs you to the home screen.

McMillan notes that recreating the bug is not sure to succeed every time. It may take a few tries for the method above to work, sometimes taking even more than 20 attempts. But once successful, the lock screen is disabled until the device is rebooted. He further notes that turning automatic screen rotation on seems to increase the likelihood. He also used three Galaxy S3 devices with the model number GT-I9300 and kernel version 3.031-742798, running on Android 4.1.2.

Unlike the Note 2 bug, this flaw in the S3 lock screen is a major issue, disturbingly one that Samsung has not yet bothered to address, at least publicly. Perhaps they are still busy fixing the previous copy-paste clipboard bug.

Fortunately, not every Android-powered device is affected by the flaw, only ones running on Samsung’s customized software. Is your Galaxy device affected? Leave a comment below.

Comments

  • kumiko

    I just tried it on my lte note 2. I managed to open the play store, but the lock screen pops back before I can do anything else. Only saw the play store opening, then it’s back to the lock screen.

  • http://www.facebook.com/isaac.harrison.14 Isaac Harrison

    First of all who would leave their galaxy n2/s3 where people would try to infiltrate it? Second, wouldn’t someone like that be more likely to just STEAL the phone? This is such a minor security flaw that it does more harm making it public knowledge than just the flaw itself.
    Finally, how much you wanna bet this will be fixed in the next firmware update?

  • trap4devil

    Turn off animation scales, then try to replicate the bug again. There is no way that anything could be open as screen would disappear right away. I know it’s not a bug fix but it will help if you worried.

  • hochimin

    i have never used the lock screen, i always disable it, but thanks anyways.

  • Sai Kiran
  • Jason Bailey

    This is obviously a bug, but the title of bypassing lockscreen is misleading, as that implies it give you full access to the device.

  • ArrowPC

    So I just enabled a password on my SGS2 and had a go at this…. Guess what same issue. I managed to see my home screen briefly, and after a couple of goes I managed to launch the media player, then i tried to open skype i didnt think i got the icon but sure enough after a couple of seconds sitting on the lock screen the skype log on sound played. Unlocked the phone and sure enough Skype and music player were both open. SGS2 when you hit ICE the double tap the hard menu button quickly.

  • http://www.facebook.com/PradeepVizz Pradeep Viswanathan R

    LOL samsung what happened to SAFE and KNOX :D

  • Hero

    I’ve tried to do that on my phone Samsung Galaxy S3

    https://www.youtube.com/watch?v=HVJaj0hNppU

  • MS

    Yup… the bypass security bug does work as specified. Using a Galaxy S3 on Rogers (SGH-1747M) on JB 4.1.1. Once done, you are able to access all the screen pages except that you can’t slide down the upper menu roller part. However, everything is accessible and there is no more security. Turning it on/off will get you immediately to your main page – no security at all.

    It took me about 10-20 tries and your timing has to be perfect.

    This and the copy/paste repeatedly bug should be fixed!! C’mon Samsung, lets get this fixed already !!!

  • Ardiev

    just tryed it on my Galaxy 3 4.1.1 it took me about 20 trys and I would bypass the lock screen, after im in the phone i have full access but it wont lock again when i hit the power button and wake it up again, rebooting the phone brings the lock screen back again on my phone, i I tryed this several times and after the reboot to get the lock screen back it seems to take the same amount of tryes to get back in each time.
    Just like the article i read said dont let your g friend find out about it lol
    I like to use the pin code on my phone just for secure reasons like my email and some apps I know some people dont use a screen lock and thats k , Having that feature on the phone i expect to know my phone is secure, But now im not Secure go figure!
    I hope Samsung can address this Security Issue Soon

  • Bhugtaan Pragyaware

    thanks to share this amazing blog with very informative video here!!!