It looks like the iPhone is not the only one vulnerable to passcode bug; even lock screen of Samsung smartphones on Android OS provides just a marginal level of protection. The flaw, which does require precision timing, was posted on Terence Eden’s website, which allows a user to skip any security measures and run any app. Eden said –
I have discovered another security flaw in Samsung Android phones. It is possible to completely disable the lock screen and get access to any app – even when the phone is “securely” locked with a pattern, PIN, password, or face detection. Unlike another recently released flaw, this doesn’t rely quite so heavily on ultra-precise timing.
You don’t get access to everything on the device. But this does give access to all of your contact data and allows that person to make any calls they desire. Just look at the video on YouTube outlining how security on the Samsung smartphone lock screen can be easily bypassed by just about anyone, rendering it vulnerable to hackers.
Eden tested the lock screen issue on his Samsung Galaxy Note II running 4.1.2 with the Touchwiz launcher but claimed that the issue can be reproduced on all Samsung smartphones including the Galaxy S III.
Per Eden’s research, the bug is residing into Samsung’s implementation of Android, and cannot be reproduced in the stock build of Google’s operating system.
To defend their device against any potential attack, Eden had suggested the Samsung community to completely remove the Samsung firmware and replacing it with a 3rd party ROM, till the company releases the permanent fix. Meanwhile, Galaxy S3 owners can install this ROM to get rid of the issue.
A Samsung spokesperson confirmed that they are aware of the vulnerability and plans to issue a fix for a lock screen bug in a future software update, but no timeline for the update was offered.