Major Security Flaw Found in Samsung Galaxy S II
“BGR has uncovered a major security flaw on AT&T’s version of the Samsung Galaxy S II that renders Android’s security lock feature completely useless.
Using a simple workaround, the security hole allows anyone to bypass the unlock pattern, which normally denies users access to an Android device unless a preset pattern is drawn on a grid of nine dots spread across the device’s lock screen. The same flaw allows users to bypass PIN security as well.
We have confirmed that the flaw exists on AT&T’s Galaxy S II and not on Sprint’s Galaxy S II, Epic Touch 4G, though it is currently unclear if other phone models are affected. Hit the break for details on the flaw.
If you have a PIN or an unlock pattern set, all you have to do in order to bypass it is simply tap the lock button to wake the display and then let the screen time out and go black. Tap the lock button again and low and behold, the unlock screen is gone and the phone can be accessed with no PIN or pattern input whatsoever.”