A major security flaw was discovered today in one variant of the Samsung Galaxy S II that lets users bypass the lockscreen even if a PIN code or pattern has been enabled.
The news comes from Boy Genius Report – a blog dedicated to covering mobile and general consumer electronics – in a post where they show how the lockscreen can be bypassed on AT&T’s variant of the Samsung Galaxy S II.
From Boy Genius Report:
BGR has uncovered a major security flaw on AT&T’s version of the Samsung Galaxy S II that renders Android’s security lock feature completely useless. Using a simple workaround, the security hole allows anyone to bypass the unlock pattern, which normally denies users access to an Android device unless a preset pattern is drawn on a grid of nine dots spread across the device’s lock screen. The same flaw allows users to bypass PIN security as well.
It is incredibly simple to bypass the lockscreen. If a PIN or unlock pattern has been set, all that needs to be done is to press the Lock button to wake up the display, wait till it blacks out, press the Lock button again and, boom, the PIN/Unlock Pattern lockscreen goes away.
The method works as long as the phone has been unlocked using the PIN code or unlock pattern at least once after the device has been powered on. Folks who use a PIN code or unlock pattern to keep their data safe will be at risk when they order the phone from AT&T (it is releasing tomorrow, October 2nd, for $199 with a two-year contract).
Samsung has responded to Boy Genius Report’s post, saying that they are actively investigating the issue. AT&T, on the other hand, refused to comment.
Although Boy Genius Report has stated that this flaw affects only the AT&T Galaxy S II variant, we couldn’t help testing it on our Galaxy S II (International Version) unit. Suffice it to say, it didn’t work.
Still, if you’ve got the international version of the Samsung Galaxy S II or any one of its variants, do give this a try to see if the security hole exists on other models.