A security researcher named Chris Moore discovered that the OxygenOS, which powers OnePlus devices, apparently harvests users information.
With the advent of modern-day technology, devices have become smarter and more powerful, packing a lot of features in as little space as possible. Due to this, concerns about privacy and security have risen as well, and it seems that Chinese smartphone maker OnePlus has become one of the reasons why many are concerned about their information.
According to reports, OnePlus’ OxygenOS actually records data, which includes phone unlocking habits, app usage, and Wi-Fi networks.
Although this information might not be anything new, especially for the current generation of smartphones, what made it more alarming to fans was the fact that it also harvests that phone’s IMEI, number, mobile network names, all of which makes it easy to attach a single user to a OnePlus device. Moore discovered that the phone was able to send 16 megabytes of data within 10 hours of usage.
“We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behavior,” OnePlus said in a statement, as reported by XDA Developers. “This transmission of usage activity can be turned off by navigating to ‘Settings’ – ‘Advanced’ – ‘Join user experience program’. The second stream is device information, which we collect to provide better after-sales support.”
Moore’s blog suggests having the OnePlus service permanently killed by rooting the device. He also provided a link to the instructions. However, fans were also reminded that rooting is on dubious legal grounds, and should be done with caution. Regardless, OnePlus’ data collection activities may endanger the security and privacy of its users, and many are clamoring for an official explanation from the company.