OnePlus responds to the latest backdoor debacle, doesn't see it as "a major security issue"


Just yesterday, it was discovered that OnePlus has included a rather powerful app that could easily serve as a backdoor for many of its latest devices like the OnePlus 5, 3T, and 3. Dubbed Engineer Mode, the app is normally intended for testing and maintenance of Qualcomm-powered Android devices but also allows anyone with average knowledge to pre-root the device and greatly mess up with the security of the device. Of course, such an app has no place inside an official user build for an Android device.

There were even concerns that apps could be engineered abuse these easy root privileges, but OnePlus came up with an official statement earlier, declining that EngineerMode.apk can't be exploited by apps but only through ADB (Android Debug Bridge), a powerful desktop-based shell for Android. Granted, a knowing wrongdoer would be able to root your device in a rather easy way by having physical access to your OnePlus device, which has to have USB debugging explicitly enabled in the Developer Options menu. 

Even if that's true, the question still remains why OnePlus kept that app bundled within the official software build that's strictly intended for the end-user. What's more, the OnePlus team claimed it "doesn't see this as a major security issue", which doesn't sound particularly-reassuring and doesn't help its case very much. 

The ADB root feature of the Engineer Mode app will be removed in an upcoming software update, said OnePlus, but it seems that the app would remain part and parcel of OnePlus' OxygenOS ROM.


FEATURED VIDEO

13 Comments

1. Retro-touch unregistered

This app is in several other phones from other companies (Xiaomi, Asus, Oppo etc) . Instead of jumping the bandwagon and acting outraged, be glad that the media coverage got it fixed and possibly other manufacturers will follow suit.

2. you_sukk_it

Posts: 219; Member since: Apr 11, 2017

"we will remove the adb root function" hahaha bullshet op. just like your tracking software you acknowledged thats installed on all your phones. what a garbage company. not a major issue my asz

11. jacky899

Posts: 431; Member since: May 16, 2017

Well at least OnePlus is honest enough to openly acknowledge the issue and fix it right away. Compared to Samsung who repeatedly denied their TVs had a fake-off surveillance mode until it was proven by several high profile tech sources and the FTC had to step in. Finally Samsung admitted it.

3. jojon

Posts: 433; Member since: Feb 11, 2014

..Android needs to have something to say on this and other security issues on Chinese phones

4. markobarko

Posts: 176; Member since: Oct 09, 2016

True, but only if they wan't to, China is having a word here, they need backdoors, leaks. Same as cia for iphones.

10. jacky899

Posts: 431; Member since: May 16, 2017

Don't give me that B.S. There is no CIA backdoor in Apple phones. Apple is probably the last tech company in the world that refuses to give in to government required backdoors. If you want proof, just look at the San Bernardino case.

13. tedkord

Posts: 17365; Member since: Jun 17, 2009

That case only proves Apple didn't furnish the backdoor to the FBI.

9. BuffaloSouce unregistered

You do know android is the name of the OS and not an actual company? Google would be the ones who would have to step in but don’t count on that happening

5. NarutoKage14

Posts: 1324; Member since: Aug 31, 2016

It's part of the spyware suite. Even if they wanted to they aren't allowed to remove it.

7. Retro-touch unregistered

You must have missed the part that it's a Qualcomm app meant for internal builds for testing purposes. Yes Oneplus was spying but this wasn't the case just this time

6. drifter77

Posts: 401; Member since: Jun 12, 2015

OP has done it again. Cheating on benchmarks, monitoring and phishing devices and now a backdoor apk. Not to mention their preposterous invite system.

8. KeyserSoze

Posts: 387; Member since: Oct 06, 2014

Fuq OnePlus and all their spyware-filled phones. We should never trust Chinese phones again. You've been warned! The FBI should investigate these Chinese azz holes for invasion of privacy and espionage.

12. jacky899

Posts: 431; Member since: May 16, 2017

Lol so much love from the Koreans in the comment section as usual

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.