We have some important news for those of you with the AT&T version of the Samsung Galaxy S II smartphone. It has been discovered that there is a rather serious security flaw involving the lock screen, which if bypassed, will allow a user to render the lock screen, as well as PIN code useless.
Before you rush to your Galaxy S II lock screen and check that you don’t have a problem, take note that is this just affecting the AT&T version, so those of you with the Sprint version are not affected by this.
It has become aware that if you tap the lock button, wait for the screen to time out and then tap the button again, you will completely skip the lock screen input process and gain access to the phone, as discovered by BGR. This also applies to any PIN codes that you input and obviously your precious data is at risk if your handset gets placed in the wrong hands.
There is no word from AT&T regarding this, but luckily Samsung has already acknowledged the problem and have come up with a temporary workaround to solve the problem while they work on a permanent fix. To ensure that you are protected from this flaw, go to the settings menu on your device and then proceed with the following steps: Location and Security->Screen unlock settings->Timeout->Immediately.
Setting your timeout to ‘immediately’ will fix up the problem and it will mean that your lock screen stays in tact after the timeout. It’s obviously good that Samsung has come up with a fix so soon, but it is particularly worrying at the ease of which this flaw operates. We’re guessing that Samsung will advise AT&T to eliminate the problem full stop in the next software, but how long that takes to arrive remains to be seen.
Firstly, have any of you witnessed this bypass in action? What are your thoughts on the problem and the ease in which data is accessible if you misplace your phone?