New Exploit Exposes Lockscreen Security Loophole on Galaxy S Phones


Security Loophole on Galaxy S Phones

Our phones keep our personal and secure data that needs to be protected against unauthorized use. I well remember a major security breach reported by an XDA member named Graffixnyc who opened the Samsung S-Memo SQLite files on his Galaxy S3 and found something shocking. The S-Memo app stored his Google account password in clear text. Since his device was rooted he was rooted he was able to view the contents of the SQLite files. Even though the only users affected by this are root users, the records themselves should have been encrypted. In such a situation, you are left to the mercy of the app developers and pray that anybody might not steal  your secret data.

Months later, we heard of another such incident of security breach on a Samsung Galaxy S3. It was called “Exynos Abuse” and it was discovered by Chainfire. And now, we have another story for you that brings out how insecure you phone can be even when it is Pattern or PIN lock protected. The new lockscreen security breach has been exposed by a guy named Terrence Eden who was able to access certain features, and even the homescreen and phone itself, on his Galaxy Note 2.  The exploit relies on brief visibility of the phone’s display, unlocked, after a failed emergency call placed from the lockscreen.

The lockscreen bypass loophole might be present on other Samsung Galaxy phones too. Samsung has reportedly promised to release a patch that fixes the vulnerability in the software, but so far the only way to fix it is to install a custom ROM.