Android, iOS bugs expose phones to voyeurs, data thieves

The first line of defense against smartphone snoops is a handset's lock screen, but the two largest smartphone makers are having trouble keeping them secure.

Bugs were discovered Wednesday in both Android and Apple smartphones.

A bug discovered by Android researcher Terence Eden allows anyone to bypass the security measures in place at a phone's lock screen and gain total access to the contents of a handset.

Eden outlined the method for bypassing the lock screen in his personal blog. The technique exploits the 911 feature of a phone, which allows emergency calls to be made whether a phone is locked or not.

The researcher noted that he found his attack to work only on a Samsung version of Android. It does not work on phones running a stock version of Android from Google.

He tested the attack on a Galaxy Note II from Samsung, but he predicted it would also work on a Samsung Galaxy III, as well as other Samsung devices, too.

Samsung did not respond to a request for comment for this story.

Eden explained that he reported the bug to the company in February, and that he expected a bug fix to be issued shortly.

[Slide show: 10 tips for Android security]

Meanwhile, another lock screen bug was discovered in Apple's iPhone. The bug was discovered less than a day after Apple began pushing a version of its iOS operating system, version 6.1.3, to address a lock screen flaw discovered several seeks ago.

The bug was revealed by a reader of the Cult of the Mac website. It uses an iPhone's control feature to bypass the lock screen. However, the exploit appears to only work on iPhone 4's.

When a call is voice dialed, the publication explained, if the phone's SIM card is ejected during the dial-up, the phone will display its recent call log. From that screen, a peeper can browse and edit contacts and add pictures to the phone.

Both the Android and Apple bugs are similar, according to Diogo Monica, a security engineer with Square, a mobile payments company in San Francisco.

"They both exploit the emergency call system," he said in an interview. "When an emergency call is made, it allows a logic bug to be exploited and let you access the screen without authentication."

Once the lock screen is bypassed, not only can the information in it be eyeballed, but it can be copied, too. If your phone is unlocked, it can be connected to a computer and its contents dumped to the device, Monica explained.

He estimated that all the important data in a phone can be siphoned into a computer in a couple of minutes. A complete data dump of everything in a phone would take a maximum of 15 minutes.

Faulty lock screens would create serious concerns for corporations, maintained Glenn Chisholm, CSO and vice president of Cylance, a cyber security firm in Reston, Va.

"When you try to access your corporate mail, it usually forces you to enable your lock screen," he explained in an interview. "If the corporation can't trust a lock screen to protect their corporate information ... that's a big problem."

Another big problem for corporations is lost or stolen smartphones, added Giri Sreenivas, vice president and general manager of mobile for Rapid7.

To mitigate those risks, companies require their employees to secure their phones with a PIN. "These vulnerabilities allow those controls to be bypassed," he said in an interview.

Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.

Join the CSO newsletter!

Error: Please check your email address.

Tags applicationsAndroidsoftwareData Protection | WirelessApple iOSdata protectionApplelock screenconsumer electronicsGooglesecuritymobile securitysmartphones

More about AppleCSOGalaxyGoogleRapid7Samsung

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place