Saturday, 25 November 2017
Latest news
Main » Your OnePlus Device Is Prone To Hacking

Your OnePlus Device Is Prone To Hacking

14 November 2017

This is thanks to a Qualcomm system-side app and OnePlus's decision to leave it in the custody of end users. In a Twitter thread, the developer explained how he was able to gain root access and surprisingly, the app has been pre-installed on all current OnePlus phones, and on OxygenOS for OnePlus One.

The app can diagnose Global Positioning System, check the root status, perform a series of automated tests, and more. A developer has found an application that can be manipulated into to granting a backdoor root access.

EgyptAir in deal to buy 24 Bombardier C-Series planes
A U.S. trade commission will decide in early 2018 on whether to impose duties of almost 300 percent on the planes as urged by the U.S.

On Tuesday, developer Elliot Alderson tweeted that OnePlus has left behind an app that can act as a backdoor to get root access to a device without unlocking it.

After tearing apart the phone's libdoor.so library, he managed to obtain root access though bypassing the escalate and isEscalated methods in the DiagEnabled activity.

USA security team in Israel to discuss Syrian border deal
On Saturday, Israel shot down a Syrian unmanned aircraft that it said tried to infiltrate Israeli airspace from neighboring Syria. We've got more newsletters we think you'll find interesting.

While the vulnerability allows attackers to use the EngineerMode app to fully compromise devices, a mitigating factor is that local access to devices is needed - no remote exploit is available. The application was present on several models of OnePlus devices including OnePlus 3, OnePlus 3T and OnePlus 5. However, carrying out such an attack would require physical access to the device-the hacker would need to have the smartphone in hand to hijack Engineer Mode and start doing damage. The app, developed by Qualcomm, has been essentially designed for OEMs to test hardware components or diagnostic tests on device.

This exploit is just that, an exploit in the phone's security. While the company eventually reversed course on the data collection, another discovery has been made in the software of OnePlus phones. It is also possible to delete the app once it is discovered.

Netflix, Others Drop Louis CK After Sexual Misconduct Accusations
Louis has since addressed the matter and many of his vital relationships have fell by the side in the aftermath. Charlie Day was "appalled" to read the allegations, he said in a statement to the Los Angeles Times .

Your OnePlus Device Is Prone To Hacking