backtop


Print 21 comment(s) - last by Datcyde.. on Mar 11 at 2:49 AM

Five step hack allows you to easily avoid password on top Android smartphone

Apple, Inc. (AAPL) recently was heavily criticized when hackers discovered a complex process of presses allowed a potentially malicious user to circumvent the lock screen password.  The "hack" resembled a video game cheat and was quite intensive.

But apparently Apple wasn't the only one with this kind of vulnerability (or perhaps a backdoor firmware makers forgot to remove?).  With Android smartphones, Google Inc. (GOOG) typically allows Android phonemakers to make their own lockscreens.  Due to legal issues with Apple, and the desire to have distinctive GUIs, Android phonemakers have a variety of different software handling unlocking.

In Samsung's case, the proprietary lock-screen implementation on its best-selling flagship Galaxy S III is vulnerable to a similar hack.  The Full Disclosure mailing list, a popular hardware and software hacking email mailer, reveals the process as:

1) On the code entry screen press Emergency Call
2) Then press Emergency Contacts
3) Press the Home button once
4) Just after pressing the Home button press the power button quickly
5) If successful, pressing the power button again will bring you to the S3′s home screen
 

 
Looks like for now Samsung owners might want to avoid hurling criticism at Apple for its similar backdoor.

Source: Full Disclosure



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: doesn't work all the time
By Kharadmon on 3/7/2013 3:35:50 PM , Rating: 2
I've just tried this on my phone and can't replicate it.
It's possible that as I've enabled the option to have the power button lock the screen automatically it stops the exploit (or it could be I'm using a Samsung based custom ROM).

Settings->Lock Screen then enable "Lock instantly with power key".
If you want to set security on your phone why not enable this as well.


RE: doesn't work all the time
By orgy08 on 3/7/2013 4:02:38 PM , Rating: 2
Mine is set to 5 seconds. I changed it to 1 minute and still can't replicated it. I am using stock with root access.


"We can't expect users to use common sense. That would eliminate the need for all sorts of legislation, committees, oversight and lawyers." -- Christopher Jennings














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki