While Apple is busy patching the various exploits discovered that can result in the passcode security implementation being completely bypassed in iOS 6, it appears that Samsung has some work of its own to do. Security researcher Terence Eden told Cnet that he has discovered a vulnerability in the Samsung Galaxy Note 2, but that the same vulnerability likely affects other Galaxy devices running similar software.
“I have discovered another security flaw in Samsung Android phones,” Eden said in his blog post today. “It is possible to completely disable the lock screen and get access to any app — even when the phone is ‘securely’ locked with a pattern, PIN, password, or face detection. Unlike another recently released flaw, this doesn’t rely quite so heavily on ultra-precise timing.”
Eden contacted Samsung before speaking to Cnet, as he wanted to give the Korean juggernaut time to fix the issue before bringing it in to the spotlight. Samsung told him that they were working on a fix that should be pushed as soon as it is ready. Given the complexity of today’s smartphone operating systems, it isn’t surprising to see security holes and exploits like this becoming more common. It is, however, cause for concern. Be careful out there; it’s a jungle.