Saturday, October 1, 2011

AT&T Samsung Galaxy S II lock screen security flaw, and how to fix it

It seems like the shiny new AT&T version of the Samsung Galaxy S II has at least one dull spot. There’s an easy work-around that will let anyone access your phone if you’ve implemented Android’s unique pattern-based or PIN lock screen. Don’t worry, though, an industrious early adopter has already found a way to secure the Galaxy S II while keeping the lock screen in place.


The flaw works like this: a phone with the pattern lock will work normally if simply turned off and then back on again – you have to hit the correct sequence of dots or enter a PIN in order to access anything except a 9111 call. But if you rapidly turn the screen off and on again, eventually you see Samsung’s TouchWiz unlock screen, and you can just swipe the screen up to access anything on the phone. Strangely, the bug doesn’t affect the lock screen immediately after the phone powers on, or users with Microsoft Exchange security in place. Samsung says that’s they’re aware of the issue and are “looking into it.”
Here’s a video example:



In the meantime, there’s a quick workaround found by one user: set the lock screen time to immediate in the “Location and Security” section of the Galaxy S II’s main menu. Annoying, but functional.
Your Ad Here

0 comments:

Post a Comment

Share Your Views Here