Skip to content

November 14, 2017

OnePlus inadvertently left a backdoor on its phones

by John_A

OnePlus’ security troubles aren’t over yet. Users have discovered that many of the company’s phones from the past few years (including the OnePlus 5) include a Qualcomm testing app, EngineerMode, that lets you get root-level access to the phone without having to unlock its bootloader. An attacker would likely need physical access to your phone to do any damage, but that still means they could insert trackers or otherwise compromise your phone with very little effort.

At first glance, it looks like this is an accident rather than any kind of malicious behavior. The app is normally hidden until you tell Android to show system apps, so you might not notice it unless you went looking for it.

Company chief Carl Pei says his team is “looking into” the software’s presence. If it’s as widespread as it appears to be, there’s a good chance you’ll see a software update removing EngineerMode. However, the discovery isn’t exactly confidence-inspiring. Between this and previously aggressive data collection, it looks like OnePlus hasn’t been paying particularly close attention to security or privacy on its devices. It’ll need to run a tighter ship if it wants to persuade users that its software is trustworthy.

Via: The Hacker News

Source: OnePlus Forums, Carl Pei (Twitter), Elliot Anderson (Twitter)

Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: