OnePlus left a backdoor in Oxygen OS that hackers could exploit

Alfred Osborne
November 14, 2017

OnePlus has still to fully recover from the data collection allegations it faced last month, and now fresh allegations have surfaced over user privacy.

OnePlus is catching heat from its customers yet again, this time for the discovery of a pre-installed application found on several of its handsets that could allow an attacker to gain root access. According to a Twitter user Elliot Alderson, some of OnePlus devices come with EngineerMode APK app pre-loaded on them, which acts as a backdoor, giving people root access without the need for unlocking the phone. The app in question is EngineerMode APK, and it has been developed by Qualcomm for the device manufacturers to test hardware components. The application is present in all OnePlus devices including 3, 3T and 5. "There's an activity - dubbed 'DiagEnabled" - associated with this app, which if launched with the correct password will give you the root access.

The app's primary objective is to test the phones during manufacturing and make sure the device is working correctly, but the app isn't then wiped from the phone. The user can access manual tests like root status test, Global Positioning System test or the main activity by sending a command. It is alarming how easily someone can get access to your smartphones in this day and age. Worse, the security software in the smartphone will fail to diagnose any such issue if the "superuser" has installed some high-tech malware in the system, notes First Post. That should be great news for those Android savvy users who want to root their devices.

Trump asked Chinese president to release USA basketball players
The president spent two days in China with Xi, discussing North Korea and trade relations among other issues. They made no public mention of the UCLA case.

Jimmy Fallon breaks down while paying emotional tribute to his late mother
Swift, who was not scheduled to appear on the show agreed to perform her new track when invited by producers at the last minute. Taylor sat down at the piano to sing the heartfelt song and was accompanied by just an acoustic guitar and some backup singers.

Amazon sells AWS cloud assets in China amid tightening regulation
Amazon was a late entrant to the Chinese cloud market which is dominated by local players like AliCloud and China Telecom. Legal reasons appear to be the reason that Amazon is offloading the business.

Alderson, with the help of cybersecurity experts, was able to root a OnePlus device with a few commands.

For its part, OnePlus has confirmed that the company is looking into the claims made by the developer.

Will it affect OnePlus 5T sales? But the team proved it can be done without a whole lot effort, which in turn leaves a lot of OnePlus devices vulnerable.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER