Show menu
Home
›
News
›
OnePlus reportedly collects personal information from smartphone users

OnePlus reportedly collects personal information from smartphone users

Posted: 10 Oct 2017, 20:22 , by Cosmin Vasile

Share Tweet Share

Tags : Android -Android + OnePlus -OnePlus +

OnePlus reportedly collects personal information from smartphone users

In a world dominated by privacy paranoia, many companies are trying to be as transparent as possible whenever they launch a new product. Unfortunately, in the smartphone industry, it's even harder to get away with backdoors and other exploits that would allow a company to collect personal data from customers.

Well, it looks like OnePlus has been found guilty of breaking consumers trust. What's really baffling is that the Chinese company is already aware of privacy issue, as last year security researcher Christopher Moore discovered his OnePlus 2 smartphone was sending data to a HTTPS domain belonging to OnePlus without user's consent.

After analyzing the data the phone was sending to open.oneplus.net domain, he learned that it contained information about the screen, device unlock events, abnormal reboots, serial number, IMPEI, phone numbers, MAC address, mobile network names, IMSI prefixes, as well as wireless network ESSID and BSSID.

Moreover, Moore discovered the OxygenOS also gathers time stamps of when the user opened and closed apps, or which activities were being opened. Apparently, there are two apps are to be blamed for collecting and sending personal information to OnePlus' domain: OnePlus Device Manager and OnePlus Device Manager Provider.

Although the security researcher contacted OnePlus early this year, he was led down the usual path of troubleshooting suggestions after which communication has been cut completely.

More recently, someone discovered a workaround that will allow OnePlus users to disable OnePlus Analytics without having to root their devices. So, in order to disable the app permanently, you will have to use the following adb command: pm uninstall -k --user 0 pkg.

OnePlus has yet to respond to these allegations, but the fact that it tried to hide from the public this specific privacy issue may prove fatal for the company's brand image.

source: Christopher Moore via AndroidPolice

31 Comments

Options
Close Follow › Following
Show comments:

Display mode:

Always view all comments

posted on 10 Oct 2017, 20:31 9

1. jojon (Posts: 421; Member since: 11 Feb 2014)

....for me, this is another good reason not to buy Chinese phones.

posted on 10 Oct 2017, 22:51 2

13. you_sukk_it (banned) (Posts: 219; Member since: 11 Apr 2017)

op already had bad sales with the 5. this will help ease the death quicker.

posted on 11 Oct 2017, 00:49 8

19. Shubham412302 (Posts: 526; Member since: 09 Nov 2011)

Americans are even worst. They plant malware into their citizens PC and Mobile. #wannacry

posted on 11 Oct 2017, 01:26 1

22. NickHill (banned) (Posts: 388; Member since: 07 May 2016)

*facepalm* *crying* OnePlus collecting data and wannacry are nowhere related, young man.

posted on 11 Oct 2017, 03:16 5

24. Good-Is-Better (Posts: 103; Member since: 12 Nov 2015)

Don't be fooled. Every manufacture collects data. Believe it or leave it. The question is how they use the data collected?

What everyone should understand is, the day you bought a smart-phone and injected you info inside, is the day you part with your privacy. If the manufacture of that device decides to sell the info, the buy will get home with it and that's it.

posted on 11 Oct 2017, 12:30

29. Shubham412302 (Posts: 526; Member since: 09 Nov 2011)

Why don't you Google wannacry malware's history. It uses the loopholes in windows OS which American Govt. was using to spy on its people.

posted on 10 Oct 2017, 20:44 8

2. kiko007 (Posts: 7219; Member since: 17 Feb 2016)

"OnePlus has yet to respond to these allegations, but the fact that it tried to hide from the public this specific privacy issue may prove fatal for the company's brand image."

I don't know which is more shocking. That 1+ is collecting personal data, or that they had a brand image to uphold in the first place. What did you expect from a phone maker in mainland China? Oppo has been caught using a similar practice in the past as well, wonder if there is an overlap.

Having said my piece (peace?), I wouldn't worry too much about it as a 1+ owner. If they wanna peek at your selection of porn... let'em.

posted on 10 Oct 2017, 21:17 1

3. piyath (Posts: 2289; Member since: 23 Mar 2012)

This looks not good for Oneplus... Hope they fix this soon.

posted on 10 Oct 2017, 21:24 2

4. DavidDau (Posts: 27; Member since: 24 Oct 2016)

Backdoors are required by law for Chinese tech companies. OnePlus, Xiaomi, Huawei and Oppo all have adopted the law introduced by Chinese government. Nothing isn't transparent here.

posted on 10 Oct 2017, 21:30 1

5. kiko007 (Posts: 7219; Member since: 17 Feb 2016)

Seriously? That seems a bit... excessive.

posted on 10 Oct 2017, 23:51 1

18. dimas (Posts: 2824; Member since: 22 Jul 2014)

That's how it works in their country. But imposing that same data collecting system in global scale? No thanks oneplus.

posted on 10 Oct 2017, 22:44 1

11. Beijendorf (unregistered)

Could you cite that law, please?

posted on 11 Oct 2017, 03:38

25. RebelwithoutaClue (Posts: 5076; Member since: 05 Apr 2013)

Perhaps these backdoors are required for smartphones meant for the local market. International ones don't. That's why OP uses 2 Android versions (HydrogenOS and OxygenOS).

posted on 13 Oct 2017, 17:03

31. jacky899 (Posts: 254; Member since: 16 May 2017)

Don't think Chinese or any other governments have this requirement. The only country proven to require backdoors built-in to their hardware is the NSA

posted on 10 Oct 2017, 21:38

6. Chuck007 (Posts: 1390; Member since: 02 Mar 2014)

I like Oneplus' products but it's just one of those unfortunate things beings based on Mainland China. Sure the market is HUGE but you'd only be successful if you cooperate with the CCP regime. It's basically one large, corporate conglomerate.

posted on 10 Oct 2017, 22:09 3

7. MrShazam (banned) (Posts: 987; Member since: 22 Jun 2017)

Nothing surprising based on the article. During initial setup of my mum's new OnePlus 5, there were terms and conditions detailing what OnePlus will be collecting, and I recall reading about device unlock events, abnormal reboots, serial number, IMPEI, phone numbers, MAC address, mobile network names, etc. information being collected.

BTW, apple also collects personal information from iphone users, so, what exactly is the difference here besides the brand name?

posted on 10 Oct 2017, 22:13 6

9. L0n3n1nja (Posts: 1248; Member since: 12 Jul 2016)

This is phonearena. Apple is holy and uses your data for good as they are American. OnePlus is Chinese and will do evil terrible things with the information.

posted on 10 Oct 2017, 22:42 7

10. apple-rulz (Posts: 1336; Member since: 27 Dec 2016)

Dry those salty tears and show me on the doll where Apple touched you.

posted on 11 Oct 2017, 04:44

26. Tech-shake (Posts: 144; Member since: 14 Nov 2016)

I understand all the data being collected except the phone numbers part. What will OnePlus do with the collected phone numbers?

posted on 11 Oct 2017, 07:45

28. MrShazam (banned) (Posts: 987; Member since: 22 Jun 2017)

Yeah, the phone number part is concerning, that's a major reason why I rooted it and installed Xposed via Magisk; to get XPrivacy on it and take control of those suspicious data requests, be it by google or OnePlus.

posted on 10 Oct 2017, 22:12 1

8. L0n3n1nja (Posts: 1248; Member since: 12 Jul 2016)

Not a surprise to me, it's a budget flagship from a Chinese company. Even Lenovo has been caught spying on their users.

With that said, your cell phone carrier, internet service provider, Google, and Apple all collect a lot of information.

Honestly since Google now became Google Assistant, it's become increasingly obvious Google is watching everything I do with some of the push notifications I get recommending things to me.

posted on 10 Oct 2017, 22:46 2

12. Foxgabanna (Posts: 482; Member since: 11 Sep 2016)

Androids have been doing this for years!

posted on 10 Oct 2017, 22:59

14. Papa_Ji (Posts: 669; Member since: 27 Jun 2016)

Who knows what (American) Apple and Google are doing at OS level to steal users data.....

posted on 10 Oct 2017, 23:08 1

15. kiko007 (Posts: 7219; Member since: 17 Feb 2016)

I trust American companies with my data more than say, Chinese ones. No offence to any Chinese forum posters, but your government is kind of like that uncle who wants to know how your sex life is going.

posted on 11 Oct 2017, 01:12

21. TheOracle1 (Posts: 1097; Member since: 04 May 2015)

Because the Chinese ones are going to do what with your useless information that Google and Apple aren't already doing? This is only a worry for government officials, corporate executives and other high profile people that have access to sensitive information. We are mere nonentities in the big scheme of things. Besides there are apps and workarounds that can prevent this.

Pre-installed bloatware from the small Chinese brands and downloaded apps are far more insidious than BBK's data collection practices. Try apps like VirusTotal or Spy Monitor to see where your info is going and use a data blocker.

posted on 10 Oct 2017, 23:32

16. trojan_horse (banned) (Posts: 5868; Member since: 06 May 2016)

Damn, this might just put another nail in the OnePlus 5 coffin, as it's sales are already in red ink.

posted on 10 Oct 2017, 23:47

17. dimas (Posts: 2824; Member since: 22 Jul 2014)

And this is why I don't patronize huawei anymore. Good move oneplus, oppo, vivo or whatever your real branding is.

posted on 11 Oct 2017, 00:54 4

20. Zylam (Posts: 1669; Member since: 20 Oct 2010)

This isn't just a One Plus thing, it's an Android thing.

Remember that software carriers used to install on all Androids to collect user data?

I'm not surprised OEM'S are implementing their own ways to collect data.

It's not just phones, I've heard numerous times that LG collects data on their smart TV's of what people watch, I wouldn't be surprised if the other TV vendors do the same.

Doesn't bother me much, both my TV's are LG, they can collect all the data they want, but phones, there's way too much personal information on them and it's only going to increase.

Google's needs to create safeguards in Android that stop Oems from obtaining your personal information, but than again Google does the exact same thing.

It's also why there's no adblock in Chrome.

posted on 11 Oct 2017, 01:28 6

23. mootu (Posts: 803; Member since: 16 Mar 2017)

Google, Apple, Microsoft, all the carriers, your internet provider etc, they all do it and anyone who thinks otherwise is living in a dreamworld.

posted on 11 Oct 2017, 06:31

27. Plasticsh1t (Posts: 2958; Member since: 01 Sep 2014)

Let them watch at my porn collection. In the meantime, I'll find a way to turn off this mechanism. If I installed an AOSP rom will it prevent the data collection if anyone knows?