The Hacker News
iOS was in the news lately for a series of security mishaps, but this time android back in scene. A security flaw discovered by Terence Eden on the Galaxy Note II with Android 4.1.2 that allows hackers to briefly bypass the phone's lock screen without needing a password.

By hitting "emergency call" then "emergency contacts" then holding the home button, the main home screen becomes visible for around a second just enough time to load an app, before reverting back to the lock screen.

Cybersecurity

Not all apps will open in this manner, a demo video shows that Google Play does not respond. Reportedly, Eden contacted Samsung roughly five days ago but has yet to hear back. He said that he has not tested any other Samsung devices to see if they are also affected.


The flaw appears to be similar to a screen lock vulnerability in newer Apple devices, including the iPhone 5.

Steps to follow:
  1. Lock the device with a "secure" pattern, PIN, or password.
  2. Activate the screen.
  3. Press "Emergency Call".
  4. Press the "ICE" button on the bottom left.
  5. Hold down the physical home key for a few seconds and then release.
  6. The phone's home screen will be displayed - briefly.
  7. While the home screen is displayed, click on an app or a widget.
  8. The app or widget will launch.
  9. If the widget is "direct dial" the phone will start ringing.
Using this method it could also be possible to load up email or SMS apps for long enough to get an overview of sensitive messages.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.