Galaxy Note II vulnerability lets attackers (briefly) access home screen apps

@ 2013/03/05
A security flaw discovered by Terence Eden on the Galaxy Note II with Android 4.1.2 may make that device less secure than you think when it's locked by a code or other method. He discovered that the homescreen can be accessed, albeit it just for a split second, by pressing the "Emergency Call" icon, then the ICE button and finally pressing the physical home key for several seconds. While brief, it's still enough time to click on any of your homescreen apps, which normally wouldn't present a problem since access goes away when the home page disappears again. However, if one of your apps is a "direct dial" widget, for instance, a call can actually be placed by a hacker, and many other programs that perform an action at launch could also leave the device vulnerable. We've confirmed the flaw on our own handsets and the individual who discovered it says that after reporting it five days ago, Samsung has yet to respond. We've reached out to the Korean company ourselves and will let you know about any further developments.

No comments available.

 

reply