OnePlus knows if you’re addicted to Tinder
What if I told you that OnePlus can snoop in on your phone and know almost anything from what you do on your phone to where you are? Let’s talk about how it actually does!
It was only recently that Chris Moore’s blogpost (posted in January!) on OnePlus collecting data received media attention. Moore found OnePlus devices to be collecting a host of data from MAC addresses to the applications you use the most. But what was more appalling, was that all this data was linked to the individual phone’s serial number which meant that all the data collected could be denoted to an individual!
Carl Pei (co-founder of OnePlus) tried to clarify the situation by writing about it on a forum post. According to him, the company securely records analytics in two streams i.e. usage analytics and device information. And their only ideal behind collecting this information was to improve the phone’s operating system. They also claimed that this information wasn’t shared outside the company. Their data collection program will be getting improvements soon where they’ll ask the users if they want to be a part of it or not.
But it seems like there is more to the story!
A twitter user going by the name of Elliot Alderson (@fs0c131y) has discovered an application known as ‘BugReportLite’. To check if you have this application you can go to Settings>Apps>Show System Apps and search for ‘BugReportLite’. This pre-installed application sends information about your device to OnePlus servers every 6 hours!
The entire process kicks in as soon as you boot-up your device. It also checks if you are a beta user and flags the information collected accordingly. By default, the application collects system crashes, watchdogs and details about power consumption. What’s even more surprising is that this default configuration can be changed REMOTELY! Due to a global mechanism installed in their system they could possibly tweak and modify what they want, when they want!
Through this they also get access to detailed information with information related to batterystats. They can monitor which applications are used the most, open the most and other patterns which can have many implications. All this data collected is zipped in your phone and then uploaded to a remote server in Singapore. Elliot also found some unused methods and variables like ‘getMediaFile, TYPE_LOGGING_TCPDUMP, TYPE_LOGGING_BT, TYPE_LOGGING_CAMERALOG, TYPE_LOGGING_GPS’. With variables like this we can only imagine the data that OnePlus used to presumably collect. For all you know, the inappropriate joke that you forwarded to your friend may have triggered an outburst of laughter back at their office in China.
This is in no way ‘not a big deal’. Although, OnePlus has denied previous allegations of snooping for dubious reasons, it’ll be interesting to know what OnePlus has to say about this.