
Smartphone manufacturer OnePlus has been secretly collecting private data from its users' smartphones in an attempt to provide better after-sales support, the company said, even though the data has been shown to be transmitted directly to an Amazon server.
Chris Moore, the owner of a security and technology blog, published an article in January proving that OnePlus has been collecting private data from users, such as the phone's International Mobile Equipment Identity (IMEI) number, serial number, cellular number, MAC address, mobile network name, International Mobile Subscriber Identity (IMSI) prefix and wireless connection service set identifiers (SSIDs).
OnePlus is also collecting user data such as boot, reboot, charging, and screen on and off timestamps, together with application use timestamps.
The article recently gained traction, prompting a response from the company sent to Android Authority.
"We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behavior," the statement read. "The second stream is device information, which we collect to provide better after-sales support."
Incidentally, OnePlus was criticized in April for not providing better customer support to its users, particularly for not delivering on its promise of an Android Nougat update.
Moore discovered the security breach as he was completing the SANS Holiday Hack Challenge 2016. The blogger noticed that his OnePlus 2 was sending domain requests to open.oneplus.net.
Upon further research, Moore discovered that the code responsible for collecting user data was part of the phone's pre-installed OnePlus Device Manager application.
Moore tweeted at the OnePlus customer support account in January, and the account responded with basic fixes, such as clearing the phone's cache and performing a hard reset.
Worried OnePlus users may refer to the solution suggested by Twitter user @JaCzekanski, which is to use the Android Debug Bridge program from Google.