On his blog, Chris Moore reveals that the Chinese electronics company has been collecting some very specific data from OnePlus users without their permission.
EDITOR'S PICK
New rumor claims OnePlus 5T is coming in November with an 18:9 display
We've been focusing a lot of our energy on the Pixel 2, Galaxy Note 8, and LG V30 as of late, but there are still a couple more flagship phones coming down the pipeline in …
The hype around OnePlus is real: the next so-called flagship killer from the company is expected to feature a bigger display with a new aspect ratio and minimal bezels, and there are already multiple reports out there creating an online buzz. However, that’s not to say that all’s well in paradise. It’s no secret that OnePlus has faced heavy criticism from its users in the past year or two over its failure to provide adequate device support. More negative press ensued after the launch of the OnePlus 5 with reports of benchmark manipulation, wrongly-mounted displays, and more importantly, users being unable to dial 911 in emergency situations. Well, it seems the Chinese tech company is in trouble again, and in my opinion, OnePlus should really take the time to explain itself this time.
Chris Moore, the owner of a UK-based security and tech blog, recently published an article demonstrating that OnePlus has been gathering his personal information and transmitting them without his permission. He noticed an unfamiliar domain while completing the SANS Holiday Hack Challenge and decided to further examine it. He found that the domain – open.oneplus.net – had essentially been collecting his private device and user data and transmitting them to an Amazon AWS instance, all without his permission.
The data that OnePlus is accessing ranges from device information like the phone’s IMEI, serial number, cellular number, MAC address, mobile network name, IMSI prefix, and wireless network ESSID and BSSID to user data like reboot, charging, screen timestamps as well as application timestamps.
Moore states that the code responsible for this data collection is part of the OnePlus Device Manager and OnePlus Device Manager Provider. Fortunately, Jakub Czekanski claims that despite their being a system service, they can be permanently disabled through replacing net.oneplus.odm for pkg via ADB or through running this command: pm uninstall -k –user 0 pkg
Source: Android Authority
EDITOR'S PICK
New rumor claims OnePlus 5T is coming in November with an 18:9 display
We've been focusing a lot of our energy on the Pixel 2, Galaxy Note 8, and LG V30 as of late, but there are still a couple more flagship phones coming down the pipeline in …
The hype around OnePlus is real: the next so-called flagship killer from the company is expected to feature a bigger display with a new aspect ratio and minimal bezels, and there are already multiple reports out there creating an online buzz. However, that’s not to say that all’s well in paradise. It’s no secret that OnePlus has faced heavy criticism from its users in the past year or two over its failure to provide adequate device support. More negative press ensued after the launch of the OnePlus 5 with reports of benchmark manipulation, wrongly-mounted displays, and more importantly, users being unable to dial 911 in emergency situations. Well, it seems the Chinese tech company is in trouble again, and in my opinion, OnePlus should really take the time to explain itself this time.
Chris Moore, the owner of a UK-based security and tech blog, recently published an article demonstrating that OnePlus has been gathering his personal information and transmitting them without his permission. He noticed an unfamiliar domain while completing the SANS Holiday Hack Challenge and decided to further examine it. He found that the domain – open.oneplus.net – had essentially been collecting his private device and user data and transmitting them to an Amazon AWS instance, all without his permission.
The data that OnePlus is accessing ranges from device information like the phone’s IMEI, serial number, cellular number, MAC address, mobile network name, IMSI prefix, and wireless network ESSID and BSSID to user data like reboot, charging, screen timestamps as well as application timestamps.
Moore states that the code responsible for this data collection is part of the OnePlus Device Manager and OnePlus Device Manager Provider. Fortunately, Jakub Czekanski claims that despite their being a system service, they can be permanently disabled through replacing net.oneplus.odm for pkg via ADB or through running this command: pm uninstall -k –user 0 pkg
Source: Android Authority
No comments:
Post a Comment