Sean McMillian's bypass is somewhat of a variation on the method that the original discoverer of the bug, Terence Eden, used to briefly access the home screen on his Galaxy Note II. In McMillian's case, he tested the bug on three different Galaxy S IIIs. Notably, he was using the international version (GT-I9300) running 4.1.2.
For those wanting to verify the scenario themselves, it is as follows. Notably, timing is important, and even McMillian, who obviously tried it repeatedly, admitted it sometimes took as many as 20 times to get a "break into" the device.
- On the code entry screen, press Emergency Call
- Press Emergency Contacts
- Press the Home button once
- Just after pressing the Home button, press the power button quickly
- If successful, pressing the power button again will bring you to the home screen.
Interestingly, once the lock screen is bypassed, the bug appears to persist, so that when the phone's screen is turned back off, the phone will not re-challenge a user for a PIN, password, or pattern.
The flaw comes shortly after it was revealed that the lock screen in iOS 6.1 can be completely bypassed, again using the emergency call feature. Just as with the Galaxy S III, timing is critical in the iOS bypass, but even if you can get the exploit to work, you can only view and modify contacts, listen to voicemail, and browse your photos (by attempting to add a photo to the aforementioned contact list). Full access to the device is not allowed.