AT&T Galaxy S II Launching With Major Lockscreen Security Hole?
AT&T gets its Samsung Galaxy S II this weekend, and while it goes without saying that if you pick one up on Sunday, you should probably try to avoid losing it straight away, there’s more at stake here than just some expensive new hardware, thanks to the revelation of a lock-screen bypass that readily grants unauthorized users access to your phone and everything stored therein.
BGR discovered the problem while experimenting with the handset, and it looks to be a quite serious security hole. Basically, you just have to wake the phone, ignore the lock screen and wait for the display to sleep again, and then wake it back up. On that second time through, any PIN or pattern-based lock screen should be gone.
Since this isn’t happening on other Galaxy S II models, it’s almost certainly due to something AT&T implemented. The big question now is if a fix will be released in time for the phone’s debut. It’d be cutting it close, but if this all amounts to a simple fix, we just might see it happen. If that turns out not to be the case, one work-around is powering the phone all the way down; you can only bypass the lock after the handset’s been successfully unlocked at least once on that power cycle, and the first time will always require valid authentication.