Thursday, 14 March 2013

Samsung Galaxy Note II lock screen bug causes security issues


Samsung's Galaxy Note II device suffers from a lock screen bug that can lead to potential security slip-up.

Samsung Galaxy Note II is claimed to have lock screen bug that could be a threat to the privacy of the users of the device.

India based technology professional, S Sriganesh posted (http://ssriganesh.blogspot.in/2013/03/flaw-in-samsung-note2-pop-up-browser.html) on his personal blog about his discovery of the bug residing in the lock screen which could lead to bypassing any sort of security option. In order to provide a stop gap solution, Lookout Mobile Security has been updated by Lookout to temporarily protect the Galaxy Note II devices from this issue.

Google Android offers different types of security options to lock the device - pattern lock, password lock and PIN lock. Though the Android 4.0 Ice Cream Sandwich brought along the Face Unlock, it has not picked up amongst the users.

Samsung Galaxy Note II offers all these features but apparently there is a bug in the lock screen that would let attacks hack their way through and gain access to the apps as well as widgets. However, this is possible if the Information Ticker is left ON and/or the user has accessed a link in a Pop-Up browser.

With the information ticker option left On, the attacker can bypass the lock screen security to gain access to the device. Also, the attacker can redirect the pop-up website to any nefarious link and gain access even to the clipboard items for sniffing sensitive login information.

Samsung shared its comment with CNET, "Samsung considers user privacy and the security of user data its top priority. We are aware of this issue and will release a fix at the earliest possibility."

We believe that a small security update will be pushed by Samsung to the Galaxy Note II and all other devices that feature Pop-Up Browser.

No comments:

Post a comment