Security flaw found in AT&T Samsung Galaxy S II

A security flaw threatens to allow anyone to bypass the security measures on AT&€™s version of Samsung’s Galaxy S II smartphone, a tech site reported over the weekend. The Boy Genius Reports (BGR) website said a simple workaround can let anyone bypass the unlock pattern, a preset pattern drawn on a grid of nine dots spread across the device’s lock screen. “If you have a PIN or an unlock pattern set, all you have to do in order to bypass it is simply tap the lock button to wake the display and then let the screen time out and go black. Tap the lock button again and lo and behold, the unlock screen is gone and the phone can be accessed with no PIN or pattern input whatsoever," BGR said. BGR said the same flaw allows users to bypass PIN security as well. So far, it said it has confirmed the flaw exists on AT&T’s Galaxy S II but not on Sprint’s Galaxy S II and Epic Touch 4G. It is not immediately clear if other phone models are affected. A Samsung spokesperson responded to BGR’s inquiry, stating that the company is investigating the possible security threat but no further comment is available at this time, BGR said. It added an AT&T spokesperson declined to comment. The BGR report said this security workaround exists as long as the phone has been successfully unlocked using the proper pattern or PIN at least one time, so the lock cannot be bypassed immediately after the device is powered on. “Of course the first thing a user does after powering on a phone is unlock it, so lost and unattended devices are at risk unless they have been powered off since last being used. Of note, users with Microsoft Exchange security policies don’t seem to be affected," it noted. — TJD, GMA News