HomeNewsOnePlus accused of leaving a backdoor to give root access

OnePlus accused of leaving a backdoor to give root access

The developer, with the help of few cybersecurity experts, was able to discover the password and was able to root a OnePlus device with few commands.

OnePlus has recently accused of collecting a vast amount of sensitive private data from users’ smartphones in the past and now, the company has been blamed for leaving a backdoor on its devices that is capable of granting root access.

According to one developer named as Elliot Alderson, OnePlus has an application called as ‘EngineerMode’, which is basically used to check whether the unit is working properly or not in the factory. The application is present in all OnePlus devices including 3, 3T and 5. The has the ability to diagnose GPS, check root status and perform a series of tests.

In this app, the developer has found activity known as ‘DiagEnabled’, if enabled with a specific password, grants the root access. The developer, with the help of few cybersecurity experts, was able to discover the and was able to root a OnePlus device with few commands.

He further claims that the company has intentionally left the backdoor on their devices. The developer further added that he will publish an application for rooting OnePlus devices without unlocking. OnePlus co-founder Car Pei tweeted that the company will look into the claims made by the developer.

Earlier, according to a post on Christopher Moore’s blog, OnePlus is collecting sensitive private data like numbers, mobile network names and IMSI prefixes, MAC addresses, and more. He discovered that his OnePlus 2 device was sending data to an HTTPS domain, which was transmitted to Amazon Web Services and belongs to OnePlus (open.oneplus.net domain).

You might also like this:

In a statement to Authority, OnePlus said “We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine-tune our software according to user behaviour. This transmission of user activity can be turned off by navigating to ‘Settings’ -> ‘Advanced’ -> ‘Join user experience program’. The second stream is device information, which we collect to provide better after-sales support.”

For the latest tech news and reviews, follow us on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

RELATED STORIES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Crypto News