Published: Wed, October 11, 2017
Sci-tech | By Carrie Guzman

OnePlus has been collecting very specific usage data

OnePlus has been collecting very specific usage data

Last year, Christopher Moore was taking part in a Hack Challenge and chose to run the web traffic from his OnePlus 2 through a proxy. He also dug deeper into and discovered the domain name to be an Amazon AWS instance, which is also owned by OnePlus. Software engineer Christopher Moore has found out that the company has programmed its phones to send out personally identifiable analytics data to its servers. He also claims that his OnePlus 2 was sending information about locks and unlocks and unexpected reboots.

Otherwise, you might have to put up with this data collection, though given the attention it's got we wouldn't be surprised if OnePlus soon changes it to an opt-in process, since this isn't the sort of publicity it needs.

After the blog post, OnePlus responded to the allegations saying the device information being collected was to improve services and that users had the option to switch off the option of transmitting usage activity at any time.

While OnePlus says that the bulk of the data transmission can be turned off with the above instructions, Twitter user @JaCzekanski pointed out that the app sending the data (OnePlus Device Manager) can be removed via ADB, root not required.

Thune has questions for Equifax post-hack
A separate LendEDU poll of 1,000 US consumers found that just 15.8 percent had not yet heard of the Equifax breach . The data includes partial credit card details, phone numbers and drivers' licence numbers.

He discovered that the data being sent to OnePlus' servers included the phone's IMEI number, the phone number, MAC addresses, mobile network names and IMSI prefixes, info on Wi-Fi connection and the phone's serial number.

"These event data contain timestamps of which activities were fired up in which applications, again stamped with the phone's serial number", Moore explained on his website. We however would not recommend the second solution because it would hamper some features of your OnePlus phone.

Now, even if OnePlus keeps all this to itself, "in order to more precisely fine tune software according to user behavior", as well as "provide better after-sales support", it's still way too much and way too detailed data. Meanwhile, you can use the above methods to stop the collection and transmission of data.

A Twitter user, Jakub Czekanski, said that the data transmission can be "permanently disabled". They said that a bulk of this analytics information can be turned off by excluding from the User Experience Program. In a time where user information and security of sensitive information is becoming more important, a transparent and comprehensive understanding of what information is being collected and for what goal (as well as the option to completely opt out of such collection) would be greatly appreciated in any situation.

Like this: