OnePlus left a backdoor in Oxygen OS that hackers could exploit

Alfred Osborne
November 14, 2017

OnePlus has still to fully recover from the data collection allegations it faced last month, and now fresh allegations have surfaced over user privacy.

OnePlus is catching heat from its customers yet again, this time for the discovery of a pre-installed application found on several of its handsets that could allow an attacker to gain root access. According to a Twitter user Elliot Alderson, some of OnePlus devices come with EngineerMode APK app pre-loaded on them, which acts as a backdoor, giving people root access without the need for unlocking the phone. The app in question is EngineerMode APK, and it has been developed by Qualcomm for the device manufacturers to test hardware components. The application is present in all OnePlus devices including 3, 3T and 5. "There's an activity - dubbed 'DiagEnabled" - associated with this app, which if launched with the correct password will give you the root access.

The app's primary objective is to test the phones during manufacturing and make sure the device is working correctly, but the app isn't then wiped from the phone. The user can access manual tests like root status test, Global Positioning System test or the main activity by sending a command. It is alarming how easily someone can get access to your smartphones in this day and age. Worse, the security software in the smartphone will fail to diagnose any such issue if the "superuser" has installed some high-tech malware in the system, notes First Post. That should be great news for those Android savvy users who want to root their devices.

Oscar De La Hoya Challenges Conor McGregor To A Fight
Despite being retired for nearly a decade, Oscar De La Hoya believes he could destroy Conor McGregor. I don't know what it is, but I'll tell you now that I've never felt so good before in my life".

Android 8.1 Appears Set to Reduce Inactive App Size, Saving Device Storage
According to the code first spotted by XDA-Developers, Android 8.1 will make apps inactive that haven't been used in a while. Older Pixel and Nexus devices have been updated while other OEMs are in the very early stages of testing betas and previews.

Wenger: Arsenal striker would have dived like Sterling
Wenger also criticised referee Michael Oliver and called Raheem Sterling a diver for a second time after the defeat to City. "In the heat of the moment of course he'll deny it". "He used well his position to get in front".

Alderson, with the help of cybersecurity experts, was able to root a OnePlus device with a few commands.

For its part, OnePlus has confirmed that the company is looking into the claims made by the developer.

Will it affect OnePlus 5T sales? But the team proved it can be done without a whole lot effort, which in turn leaves a lot of OnePlus devices vulnerable.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER