Samsung Galaxy S3 bug lets anyone bypass lockscreen with minimal effort

Uh oh, looks like Samsung is facing another possible security breach, this time with the Galaxy S3. Apparently the boys at ZDNet got wind of a security exploit that allows anyone with a high school GED to completely bypass the lockscreen on the Galaxy S3 with very minimal effort. Don’t believe it? Here’s how to do it:

  1. On the code entry screen, press Emergency Call
  2. Press Emergency Contacts
  3. Press the Home button once
  4. Just after pressing the Home button, press the power button quickly
  5. If successful, pressing the power button again will bring you to the S3′s home screen.

Now, quick — don’t let you girlfriend find these instructions and remember: with great power comes great responsibility. If all this is sounding a bit familiar, you may remember a similar situation hitting the iPhone in which users could bypass iOS’s lockscreen using a similar method. Looks like Samsung will be playing damage control for the next few days. We’ll let you know once we get an official word from Sammy, and when they plan to address this exploit through a software update.

[Full Disclosure via ZDNet]

Continue reading:




  • http://www.vgchartz.com SuperChunk

    Could Apple sue them for copying once again?

    • DavidVarghese

      Lmao
      This was my first thought…

    • NIGHTSCOUT

      God when is this gonna end, this has to be the MOST played out joke by Android fans.

      • https://twitter.com/EpicEuropean Kreft

        Lol. Why are you here then?

        • NIGHTSCOUT

          I’m an Android fan too, but that joke is SO…TIRED….

          • https://twitter.com/EpicEuropean Kreft

            Anything at the expense of apple can’t be played out. The sooner they crash and burn the better the world will be.

          • NIGHTSCOUT

            Maybe so, but we need new material. Just sounds like a broken record that one.

          • sw4gd4ddy

            sounding like a broken record could apple sue us that?

        • vegiisan

          In this situation, I still found that old joke amusing. Haha.

      • http://twitter.com/KnowScott Scott Stafford

        The sad thing its not even a joke. They actually sue for everything. Litigate is the new innovate.

  • http://profiles.google.com/meadowsjared Jared Meadows

    See… THIS is why I like VANILLA android, and not one that’s been all touchwiz’d on. I hate the customized stuff samsung and the rest force on us because they ALWAYS screw something up.

    I mean, I love me some cyanogenmod, because somehow, those guys seem to actually know what they’re doing (more-so than sammy and htc)! :-P

    No thanks guys, I’ll take my android clean and pure please, without y’all tinkering with it and mucking it up!

    • jbo1018

      This does not seem to affect CM 10.1. I do not have the option for emergency contacts and can’t even find a way to add one. I’m guessing its a touchwiz dialer bug.

    • No_Nickname90

      You can use an app to lock down your apps. I use SmartApp Protector.

      And you can’t uninstall that particular app unless you’re rooted and some extra stuff. That extra stuff isn’t important to mention though. Just letting you know it exist.

      So you can get the best of both worlds.

    • simpleas

      This is something that is easily fixed with an update. I personally prefer samsungs feature rich software. There’s no point in using stock android only to install these extra feature, that is, if they even have it in the play store.

  • http://phandroid Victor Roman

    Not a problem if your not hiding stuff, don’t see how Apple can profit from this I’m sure Sammy didn’t do this on purpose.

    • No_Nickname90

      I’m not hiding my emails. Please come read when my packages arrive so you can steal them.

    • enomele

      Not having anything to hide isn’t the point. With that train of thought you wouldn’t mind CISPA going through.

    • enomele

      One of the basic principles of living in the USA is freedom. Freedom of speech and privacy and so on. If you don’t value privacy, even if you have nothing to hide, you have already moved on to the brainwashed state of mind that governments cherish in novels like 1984. When I get pulled over in my car even if I’m not drinking I do not want to take a breathalyzer or let them search my car.

  • JoeyZimbada

    I wish people would go straight to the source instead of the media with this crap. This article doesn’t even suggest a solution only a problem and in the wrong hands could be trouble.

    • DavidVarghese

      Ikr? I’m about to change my brother’s wallpaper to a picture of Nicolas Cage.

      Trouble is brewing

      • http://twitter.com/gamercore Chris Chavez

        I lol’d so hard.. you don’t even know xD

        • PhilNelwyn

          No reply to Joey?
          Why?
          Do you think this couldn’t really lead to some trouble?
          Your article says quite the contrary.

      • PhilNelwyn

        I wouldn’t call my brother’s hands “the wrong hands.”

        • DavidVarghese

          Not sure if you can sense the joke in my comment… But it’s there…

          • PhilNelwyn

            I sense sarcasm, and don’t like it.
            Sounds like you make fun out of him.

          • DavidVarghese

            Tough, I guess.

          • PhilNelwyn

            Not tough… nor particularly clever in my opinion.
            It may have sounded funny to me if it was justified, but the guy’s right, it’s serious.
            So yeah, for some people trouble is really brewing, what’s so funny then?

          • DavidVarghese

            Sorry I couldn’t please you, oh King Phil.
            … if you don’t like something, and have nothing to contribute, keep it to yourself.
            It’s actually not that big of an issue…
            If you’re that worried, (1) don’t lose your phone, (2) head over to XDA and look for a fix, and (3) don’t have douche bag friends/siblings that will change your wallpaper to Nicolas Cage (yes, I realized I called myself a douche bag).

          • PhilNelwyn

            You don’t have to please me, but that doesn’t mean that I can’t express my feelings, Herr General. ;)
            I had something to contribute, you just didn’t like it… I’m pretty sure that Joey felt exactly the same about your joke.
            I’m sorry if I offended you, I may have overreacted just a little bit.
            I have to admit that I’m not directly concerned by this issue.
            I still think, though, that it could have serious consequences, particularly for enterprises whose employees use their personal device.

          • DavidVarghese

            Yeah that can be a problem for sure… Hopefully Samsung can fix it soon
            But yeah, I didn’t really get offended… I just like making light of situations…
            :D

    • Manbo

      Here’s your solution.
      Bring it to Samsung’s attention through the media so they want to immediately resolve the issue to avoid any bad rep.

      Oh… wait…

    • Manbo

      Besides, when taking it straight to the source, they require many examples before they even consider/notice to prompt an investigation.
      What are the odds that people are going to notify Samsung about this, enough to warrant them dedicating resources?
      However, if it is in the media, and people read about it there, word gets out and the ball gets rolling faster.

      Use your head. Don’t blame the media for everything. Know when they are useful.

  • XtremeMorph

    Hmm tried but not working on my GS3…. i’m sure i pretty fast with my fingers. After pressing homescreen it straight away goes back to lock screen.

    • NIGHTSCOUT

      Same here. I want to see a video of a successful attempt with this.

    • DavidVarghese

      Gotta have dat quick hand movement if you know what I mean.

      • http://www.facebook.com/people/Rich-Chinito/16313960 Rich Chinito

        Very gay.

    • James Whale

      Same here, though I’m using Apex Launcher. Suspect it’s a TouchWiz issue.

    • Chris Stoochnoff

      As per my message above, the trick is NOT to have quick hand movement. Once you hit the home button, calmly hit the power button right after, but don’t do it as quick as you can, cause oddly, that is too quick. My guess is some code has to load up first before the power button trick will work. So… be quick, but not as quick as you can be. My lightning fingers couldn’t get it, so I decided to dial it back a bit and got it twice now.

  • jbo1018

    FYI This does not seem to affect CyanogenMod 10.1

    • No_Nickname90

      Yea, it’s a TouchWiz issue. It should also be obvious since other phones don’t have this issue and this is clearly software related.

      I wonder if I sounded like a douche? Oh well…

  • MadmikeX3

    My HTC Sensation is easier. If you have something like a text message in the status bar. You simply pull it down and it goes straight to the message. Press back and walah you now have full access

  • C-Law

    I’ve been trying this on my vzw 32gb gs3 running cleanrom 5.6 and can’t do it. I hit the power button before the home screen pops up and try when the home screen pops up for a split second. It never lets me in. Tried way too many times to admit to. Which variable is keeping me from succeeding?

    • Manbo

      The part where you are running a ROM.

      • C-Law

        Lol but it’s still touchwiz

        • Manbo

          Then I got nothing :)

  • abc

    Chris, I believe this might be essentially the same thing Quentyn already covered 2 days ago on March 4th, he even included a video. Last couple steps different, but practically the same issue in his article. But I guess this gives you full access to the screen, not just a quick glance?

    • http://twitter.com/gamercore Chris Chavez

      Yeah, FULL access.

      • NIGHTSCOUT

        Have you confirmed that this works? Not working for me

        • http://www.facebook.com/eric.harris.796569 Eric Harris

          Yea it works. Status bar and task manager doesn’t work tho. But u can use apps moreless still a problem. Btw it doesn’t lockup again after u do this unless u restart

      • New_Guy777

        Unable to replicate, tried on two phones about 50 times with varying wait times. Both of ours are T-Mo SGS3′s, and both have the lockscreen set to show on Power Button press. Every time it goes right back to locked, doesn’t pass Go, does not collect $200.

  • Fr0stTr0n

    Or don’t be a moron and lose your phone.

    • No_Nickname90

      You know this hack is as tedious as the one where Face Unlock would work if the person had a picture of you.

      Like I highly doubt a phone thief would think to do this. If someone really thought to look this up, they’d know they have to sell it. You can track an Android phone easily. Or do you not know about Cerberus? LoL!!

  • http://www.facebook.com/lynn.walford.10 Lynn Walford

    We were able to recreate the crack in the ICE on the Samsung Galaxy S III. Video at http://youtu.be/qCBNLTNmcA4.

    • NIGHTSCOUT

      Your recreation proves nothing. Getting a glimpse of the homescreen is worthless

      • Manbo

        Your logic tree is broken.

  • NIGHTSCOUT

    Has anyone succeeded with this? I’ve been trying on my stock VzW GS3, no luck

    • DavidVarghese

      Yeah it works… You just gotta be really quick… The notification bar and task manager doesn’t work once you bypass the security, and you can’t re-lock your S3 without restarting the phone

    • Abstract

      I have not been able to succeed. Does the new update fix this by chance?

      • Necrobain

        I have the new update from Verizon and I am still able to use this hack. SO I guess the answer is No, it does not fix it.

  • pr0xidian

    Does this effect my note 2?

    • DavidVarghese

      Try it out?

  • kenyee

    And here’s the trivial workaround: set the option that kicks in the lockscreen when you hit the power button?

    How do I know this? It’s because that’s how I had my S3 set up. I couldn’t reproduce it because in the last key of the sequence, it powers off my screen and when I turn it back on, it shows the lockscreen…. :-)

    • Necrobain

      Actually, On Verizon at least I have this function checked and I was able 5to unlock as the article says. More disturbing is that after unlocking this was the phone will not lock on power button press, or after it screen blanks. requires a reboot.
      You have to hit the power button right after pressing the home button.

      • kenyee

        Could you detail what you did a bit more? This is what I saw when I tried it (starting from the emergency contacts list:
        - hit home button and you can see the home screen for a second
        - during this second, hit the power button and the screen turns off
        - hit power button again and the screen turns back on w/ the lockscreen in place

        • Necrobain

          It usually takes a couple times, but I hit the Home screen button and then pause just a sec and hit the power button. Fast, but not too fast. (Sounds stupid I know). Then hit the power button again. As someone else here said, then I cannot relock the phone, and the notification pulldown does not work. It requires a reboot to fix. Done it about 5 times and I just tried it again and can’t get it to work, so it is a real hit or miss thing, but it does work.

  • Chris Stoochnoff

    hmm, i just fluked it off once after trying a bunch of times. The trick seems not too be TOO quick about it. Quick, but still a very slight delay.

    • Chris Stoochnoff

      Just got it a second time, and yes, that seems to be the trick. I don’t know how to describe it, but don’t do it as quick as you can, but with a very, very slight delay afterwards.

      Seems once you bypass the lock screen is bypassed until your next reboot. Also my pull down notification bar stopped working until reboot too.

  • Chris H

    I can’t replicate it on my VZW GS3

  • http://twitter.com/Joker22joe joe kimber

    Big deal if ur stupid enough 2 lose or let some hacker use ur phone, 2 bad, so sad.

    • enomele

      No one on the face of the earth has ever had they’re phone taken without consent.

  • jteply13

    Is this before or after the OS upgrade to 4.1.2???

  • FortTech101

    It’s actually a complicated process. I had to try about 20 times.