learningandfinance.com


Electronics

OnePlus inadvertently left a backdoor on its phones

Share
OnePlus Left Behind a Testing App on Its Devices With Backdoor to Root Access Report

While the company eventually reversed course on the data collection, another discovery has been made in the software of OnePlus phones. Intended for internal use only by the company's engineering team to test if devices are working properly, the application has managed to remain on OnePlus devices that have been shipped to consumers-and may present a threat to their security. The application is a diagnostics tool called "EngineerMode" that Qualcomm developed and distributes to OEMs like OnePlus so they can test the hardware components of a device.

While the vulnerability allows attackers to use the EngineerMode app to fully compromise devices, a mitigating factor is that local access to devices is needed - no remote exploit is available. Having root access essentially means the user has complete control over the device, including privileged control over features that would otherwise be locked up. However, it can be exploited to enable backdoor rooting.

Jon Stewart Admits He "Could Have Done More" About Louis CK
Stewart , who was joined by the benefit's creator Michelle Smigel, had been quiet about the Louis scandal, but many were waiting to a response from him.

Trump's boss says Israel will continue to destabilize Syria
Israeli Prime Minister Benjamin Netanyahu attends the weekly cabinet meeting at his office in Jerusalem November 12, 2017. Israel has " set red lines and will stand firm on this ", he said Sunday.

Big 5 Sporting Goods Corporation (NASDAQ:BGFV) Short Interest & Technical Update
After $0.15 actual EPS reported by BJ's Restaurants, Inc. for the previous quarter, Wall Street now forecasts 120.00% EPS growth. Following the completion of the transaction, the director now owns 323,224 shares of the company's stock, valued at $8,484,630.

OnePlus' co-founder clarified that the company was collecting data to "better understand general phone behavior and optimize OxygenOS for a better overall user experience". Of course, expecting the developers to unlock the bootloader for each device during its testing phases would be ridiculous, but its inclusion does pose security risks for everyday users. But it also serves as a warning to OnePlus to be particularly careful with the software it leaves on its future phones after they roll off the production line. The app is normally hidden until you tell Android to show system apps, so you might not notice it unless you went looking for it. Hopefully OnePlus will remove the application from its devices with an update, all the way back to the OnePlus One.

Share