Your Samsung Galaxy Note 2 Has a Security Hole: Observe These Measures for Provisional Protection
A new security hole is discovered on the Samsung Galaxy Note 2, allowing hackers to briefly access the handset's home screen and do as they please in that short window time.
The vulnerability was exposed by mobile gadget expert Terence Eden, who insisted that no plug is available at the moment to deal with the issue.
"Changing to a different launcher will not protect you ... Using a 3rd party lock screen will not protect you if it accesses the emergency dialler," Mr Eden said on his blog post.
The exploit works this way: Press the 'Emergency Call' icon on the phone's lock screen then the ICE button and proceed into tapping the physical Home button, holding it for some seconds to gain entry into the Home Screen, which is displayed in a split-second.
However, the blog post also clarified the flaw can be exploited in a limited scale at the moment, describing it as a "reasonably small vulnerability."
A report by ZDNet suggested that the problem can also be detected on other Galaxy handsets or any device that runs on JellyBean 4.1.2 though Samsung and Google have yet to issue statements on the matter.
The best thing to do at this time is for owners of Note 2 to test the gadget and observe the necessary measures to protect their privacy while Samsung and Google contemplate if they will dispatch an update to correct the security error.
In the absence of viable answers from the two firms, Mr Eden suggested that users can take up the following as temporary but effective protection:
- Do not use direct dial widgets on your homescreen.
- Remove any calendar or email widgets which may show sensitive information from your homescreens.
- Ensure that any apps which you do have on your homescreens do not automatically cost you money or act maliciously when launched.
- Use an app locker to prompt for a password when apps are launched.
This news came out as Samsung recently announced the addition of SAFE with Knox to its high-end Galaxy smartphones that will owners of the handsets to shift into a more secured phone profile exclusively for business use.
But the solution will not be available until the second half of 2013. The only consolation for now is the issue seems less serious when compared to the similar problem that currently plagues Apple's iOS 6.1.
Taking into account Apple's claims that the platform runs around 300 million gadgets across the globe then the same number are potentially dealing with the flaw until the tech giant is able to quash the bug, which ZDNet said will likely happen about two weeks from now.