cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
userrBY1prvlH6
Cosmic Ray

S9 secure startup FATAL security flaw

JUMP TO SOLUTION

When secure startup option is enabled, which is supposed to protect the phone before it starts up, has a major security flaw. The phone remains unlocked and continues to display the home screen after the phone is rebooted and PIN/password is entered on the boot up.

Steps for replicating this issue:

  1. Set Screen lock type to PIN/password
  2. Enable Secure Startup
  3. Reboot the phone
  4. Enter the PIN/password for decrypting and starting the phone
  5. Home screen is displayed and the screen remains unlocked until it reaches total seconds/minutes of screen timeout and lock automatically selected.

This doesn't happen when secure startup is disabled and instead phone asks for the PIN/password for the first time before fingerprint/iris/face recognition options can be used.

 

Samsung Dev Team, please fix this flaw A.S.A.P. 

 

 

1 SOLUTION

Accepted Solutions
userrBY1prvlH6
Cosmic Ray

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

I know this is a Samsung forum but that doesn't mean you can't compare with other phones

 

Anyway Samsung moderator is trying to help me and thanks guys for your responses

View solution in original post

Reply
Loading...
14 REPLIES 14
Red Giant

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

that is the concept for N OS and O OS.

Reply
Loading...
userrBY1prvlH6
Cosmic Ray

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

I disagree. I've non- Samsung mobile that runs on Nougat and it does ask for the PIN again. 

Reply
Loading...
Red Giant

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

regardless of u disagree or not, that is the way it is. i've tried on every samsung N OS devices and does the exact same thing that u think it is an issue which isn't. why would put the pin in again after u just did anyway? that is annoying and extra step

Reply
Loading...
userrBY1prvlH6
Cosmic Ray

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

I disagreed with userbcMKA9DSlI comment saying it's Android OS feature which isn't true. I have TMobile Revvl that runs on Android 7.0 and it asks for PIN again.

The first time PIN is entered is for decrypting and loading the operating system and the second time is for accessing the home screen. Thus is more secure even though it's annoying to re-enter PIN again. 

Reply
Loading...
Samsung Care Ambassador

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

@userrBY1prvlH6 right, but if someone else knows your secure startup password, then it really doesn't matter, right? 

Reply
Loading...
Samsung Care Ambassador

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

@userrBY1prvlH6 how is this a security flaw? Why would I want or need to enter my biometrics or passwords an additional time after secure startup?

Reply
Loading...
Red Giant

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

Ok. It is samsung OS concept. I don't know other manufacturer's concept. However, for Samsung devices, regardless of any OS, that is how secure startup work. Asking pin or pattern or password one time and then goes to home screen.

 

this is samsung forum so dont compare with other manufacturer's devices. what's the point of it. if u like the other manufacturer's features, go for that instead of complaining to have the samsung the same way as others. nothing to really argue about in this matter. i dont even know why u r so caught up on this useless feature. we all use some kinda screen lock method anyway....

Reply
Loading...
userrBY1prvlH6
Cosmic Ray

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

I know this is a Samsung forum but that doesn't mean you can't compare with other phones

 

Anyway Samsung moderator is trying to help me and thanks guys for your responses

View solution in original post

Reply
Loading...
Samsung Care Ambassador

Re: S9 secure startup FATAL security flaw

JUMP TO SOLUTION

@userrBY1prvlH6 I don't believe there is a way to accomplish what you wanting. I could be wrong though. Good luck!

Reply
Loading...