In a new video, RootJunky demonstrates how in just 10 minutes he was able to navigate around Factory Reset Protection in a Galaxy Note 5. This security feature is meant to make it impossible for someone to take your phone and just perform a factory reset as a way to make it their own.
If anyone performs the factory reset via the recovery, the phone is more or less inoperable until the original owner signs into his or her Google account on reboot. This means that you have basically no extra steps to factory reset your own device for your own reasons, but a common thief can't do much of anything without knowing your password.
Well, that's how it would work on Samsung phones if not for a flaw introduced in Samsung's own software. You can take a look for yourself in the video below:
Basically, if you insert an OTG drive, the OS allows you to open files on it, even when you should be locked into the screen requiring a Google sign-in after the factory reset. RootJunky put an APK on the OTG drive that does nothing but open up the settings. From there, just install the APK (yes, the OS even lets you disable the "unknown sources" security measure in this state) and you will be given free rein over the settings.
To finally bypass the reset protection, you just factory reset from the settings rather than from recovery. After that, the phone will be a clean slate. It will be pretty simple for a moderately tech-proficient thief to take your phone and remove your stuff from it.
We'll keep our ears to the ground for word on if and when Samsung pushes updates to fix this.