Bug awareness that can access telephone functions by bypassing the lock screen to "Galaxy SIII"

Bypass means that you can access contacts and photos without entering passcodes with iPhone (iOS 6.1)Although it was discovered in February, this time Galaxy SIII found a bypass means which can access the telephone function without unlocking the lock screen in the same way.

Full Disclosure: Samsung S3: Full Lock Screen Bypass
http://seclists.org/fulldisclosure/2013/Mar/50


This is what Sean McMillan reported, the procedure is as follows.

1:Tap "Emergency call" on the passcode entry screen

2:Tap "Emergency Contact"

3:Press the Home button once

Four:Press the power button immediately after pressing the home button

Five:If the bypass is successful, if the power button is pressed again, the telephone function screen is displayed above the bus code input screen

Apart from MacMillan, a user named Sai Kiran on YouTube has released a practical movie.

Samsung Galaxy S3 Security Flaw - (Bypassing the lock screen) - YouTube


First, tap "Emergency Call" at the bottom of the screen on the passcode entry screen. For this person, I set it as pattern input, but it is the same for other methods.


An emergency message screen was displayed. Here tap the button on the bottom left (Emergency Contact).


When the emergency contact list screen is displayed, press the home button and immediately press the power button. It is necessary to operate here quickly.


Then, by pressing the power button, it shifts to the sleep state, and before that, the home screen can be seen only for a moment



When the power button is pressed next, pass code input screen comes out ......


The telephone function was displayed so as to overlap with it.


I have not released the lock yet, but in this state the phone is ready to use.



I ended the telephone function and returned to the passcode entry screen.


MacMillan seems to have tried about 20 times before it succeeds, but success has been confirmed with three Galaxy SIII so far. By the way, it seems that the success rate is higher when "Auto Rotation" option is on. The Galaxy SIII model number used is GT-I 9300 (international version), Android version is 4.1.2, the kernel version is "3.031-742798". There is also a success example for Android version 4.1.1, and Kiran says that Galaxy Note II will also succeed.

Kiran points out that the cause is due to putting "Direct dial widget" on the home screen, and advises that it is better not to put the widget until the bug is fixed.