11 October 2017, India:
OnePlus has reportedly been collecting personal information of users and sending to company’s server without their permission, according to a security researcher. Christopher Moore, who is a software engineer.
— Christopher Moore (@chrisdcmoore) January 13, 2017
That’s not going to make a difference; presumably you bake this into the OS image. Is there a system app responsible that I can disable?
— Christopher Moore (@chrisdcmoore) January 14, 2017
Chris Moore, the owner of a UK-based security and tech blog, recently published an article demonstrating that OnePlus has been gathering his personal information and transmitting them without his permission. He noticed an unfamiliar domain while completing the SANS Holiday Hack Challenge and decided to further examine it. He found that the domain – open.oneplus.net – had essentially been collecting his private device and user data and transmitting them to an Amazon AWS instance, all without his permission.
OnePlus also responded to Android Police with a statement. “We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behavior. This transmission of usage activity can be turned off by navigating to ‘Settings’ -> ‘Advanced’ -> ‘Join user experience program’. The second stream is device information, which we collect to provide better after-sales support.”