A technique for bypassing the lock screen on Android smartphones has been discovered.
The security flaw was discovered on Android 4.1.2 and demonstrated on a Samsung Galaxy Note 2 smartphone. Terence Eden, a mobile enthusiast, posted the smartphone lock bypass technique on his personal blog.
The bypass could potentially enable someone to make a phone call, record from the microphone, play music or interact with a server. The attacker could also view the calendar or emails if a widget displays them on the home screen, Eden said.
The video demonstrates the hack on the stock firmware, which Samsung recently pushed out to users. Hitting the home screen button briefly displays the home screen, enabling a user to view it and potentially run apps by quickly tapping on them.
"This is a reasonably small vulnerability," Eden said in the video demonstration. "If the person has direct-dial on there, you will be able to dial it."
Eden said he released details about the bypass because it has a number of limitations. To make a phone call, the direct dial widget needs to be on the device's home screen. Attempting to run an app will send it immediately into the background, he wrote.
"Rapidly tapping the home button will -- depending on your launcher -- allow you to see what is on every home screen," wrote Eden. "Using an external video camera you should be able to clearly see all the user's calendar & email widgets if they have enabled them."
Last month, Apple rushed out a security update for iPhones, fixing a coding error that enabled users to bypass the passcode feature on the smartphones. The flaw was similar to a previous one in the iPhone, which developers reintroduced into the phone firmware during the coding process. The iPhone hack was slightly more serious, enabling users to get around a security code to make a call, access voicemail, view or modify contacts and browse photos.
Both the Android and Apple bypasses appear to be fairly low-level hacks, said Cameron Camp, a security researcher at Bratislava, Slovakia-based security firm ESET. The real issue, according to Camp, is the length of time it takes for Google to get an update out to affected device owners. A security fix issued by Google would have to go to handset manufacturers and then to carriers, who would release the fix to device owners.
"Lag time creates tremendous opportunity for fraudsters," Camp said. "Even if they came up with the magic secret sauce at Google to make it never happen again, it will take a while to hit all the handsets."
When Apple has a security problem, its tight grip on the device and its firmware gives the company an opportunity to push out a security update to iPhone owners immediately, Camp said.
"You're always going to have less security issues whether directly or indirectly if you own the whole stack like Apple does," Camp said.
PUBLISHED MARCH 4, 2013