Electronics

Oneplus Is Found Collecting Users' Personal Data Without Their Consent

Oneplus Is Found Collecting Users' Personal Data Without Their Consent

Earlier, there have been reports on OnePlus manipulating benchmarks and incorrect mounting displays but this time around, Moore while participating in the SANS Holiday Hack Challenge made a decision to check the internet traffic from his phone OnePlus2 2.

Essentially, Moore monitored the incoming and outgoing traffic from his phone to discover that his OnePlus 2 was making traffic requests to open.oneplus.net. He also found that some of the data being sent to OnePlus servers included the phone's IMEI number, phone number, MAC addresses, mobile network names and IMSI prefixes, Wi-Fi connection info, and the phone's serial number. There are speculations that OxygenOS, the company's custom version running on top of Android, could have a certain plug-in to enable the transmission but we will have to wait for a fix from the company side. But a security researcher's discovery that his OnePlus 2 was sending highly detailed information back to OnePlus without consent has set privacy alarm bells ringing (the issue also affects more recent OnePlus handsets). This probably prompted the Ministry of Electronics and Information Technology to recently issue a directive details of what all data that phone companies were collecting from users.

Since then, a Twitter user, Jakub Czekanski, has already pointed out to a solution to this unwarranted data mining.

Kenya: Gunmen kill two staff of the Technical University of Mombasa
According to the initial details provided by the police and witnesses, two people, staff members of the university were killed. Kieng said the injured police officers managed to repulse the motorbike-riding attackers who had targeted to rob their rifles.

@chrisdcmoore I've read your article about OnePlus Analytics. This one doesn't just concern the OnePlus 5, actually surfacing online many months back after a lot of digging into the OP2's data collection tactics.

The data collection has been sourced to a system application called "OnePlus System Service" which uses cannot be turned off but can be disabled every time you turn your device on. OnePlus might prefer that you spend your time thinking about the upcoming OnePlus 5T and OnePlus 6, but this tale of telemetry is going to dominate for a little while. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behaviour. This transmission of usage activity can be turned off by navigating to "Settings" - "Advanced" - "Join user experience program". Apparently, there are two apps are to be blamed for collecting and sending personal information to OnePlus' domain: OnePlus Device Manager and OnePlus Device Manager Provider.

So what does OnePlus have to say about this?