Just FYI the same issue was found and disclosed back in February by MTI, with some additional ways to exploit it. They used an S3 in their test, but was the same flaw in Samsung's version of Android. Might be useful to reference it for additional info for visitors. Thanks.