OnePlus left a backdoor in Oxygen OS that hackers could exploit

Alfred Osborne
November 14, 2017

OnePlus has still to fully recover from the data collection allegations it faced last month, and now fresh allegations have surfaced over user privacy.

OnePlus is catching heat from its customers yet again, this time for the discovery of a pre-installed application found on several of its handsets that could allow an attacker to gain root access. According to a Twitter user Elliot Alderson, some of OnePlus devices come with EngineerMode APK app pre-loaded on them, which acts as a backdoor, giving people root access without the need for unlocking the phone. The app in question is EngineerMode APK, and it has been developed by Qualcomm for the device manufacturers to test hardware components. The application is present in all OnePlus devices including 3, 3T and 5. "There's an activity - dubbed 'DiagEnabled" - associated with this app, which if launched with the correct password will give you the root access.

The app's primary objective is to test the phones during manufacturing and make sure the device is working correctly, but the app isn't then wiped from the phone. The user can access manual tests like root status test, Global Positioning System test or the main activity by sending a command. It is alarming how easily someone can get access to your smartphones in this day and age. Worse, the security software in the smartphone will fail to diagnose any such issue if the "superuser" has installed some high-tech malware in the system, notes First Post. That should be great news for those Android savvy users who want to root their devices.

More than 15000 scientists issue 'warning to humanity'
Global climate change is the top most priority of the novel letter's inventory of planetary menace. To mark the letter's 25th anniversary, researchers have furnished a stimulating follow up.

Gurmeet Ram Rahim getting special privileges in prison, alleges Rohtak jail inmate
He is now lodged at the District Jail at Sunaria near Rohtak in Haryana. "Jail authorities say he works, but we don't believe it". Adjoining his barrack, there is a small plot of land where grows vegetables, K P Singh, DGP (jails), Haryana had told reporters.

Bharti sells stake in Bharti Infratel for Rs 3325 cr
The sale was executed at a price of Rs 400.6 per share, representing a discount of 3.6% to the previous day's closing price. Bharti Infratel , a subsidiary of Bharti Airtel deploys, owns and manages telecom tower communication structures.

Alderson, with the help of cybersecurity experts, was able to root a OnePlus device with a few commands.

For its part, OnePlus has confirmed that the company is looking into the claims made by the developer.

Will it affect OnePlus 5T sales? But the team proved it can be done without a whole lot effort, which in turn leaves a lot of OnePlus devices vulnerable.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER