OnePlus phone are quite popular in ozb and I want to bring to your attention a security discovery on oneplus analytics software. It send excessive data of yours (e.g. when do you open and close an app like outlook) back to oneplus.
Read the full article and there's a method of removal as well.
https://www.chrisdcmoore.co.uk/post/oneplus-analytics/
Great YouTube video of a guy having a HTC one connected to his Linux box and it was monitoring his phone. You could see that what ever you did on the phone like dial a number write a text or even Google search something it was sent back to an IP address that captured all the data.
He calls the phone and it was time stamping everything.
This was one reason why I never have gone HTC.
All Google and Apple device capture data in some way or another and in subtle ways too.
do you have a link pls ?
So having installed linageOS on my OP2 I assume I've removed this?
correct.
I found this really interesting. And am. actually trying to replicate this happening so I could analyze the data myself using another tool I work with but have been unsuccessful so far..
I reverted from linageOS to stock OP2 colorOS and Ive been able to capture traffic from my device using Owasp zap and proxy Droid on my rooted OP2 but not seeing the oneplus push traffic.
Any ideas?
To give a TL;DR summary the details it sends to Oneplus (as claimed);
* Phone Serial
* Hardware addresses
* WiFi network names
* Application start and stop times
* Power on, screen on/off, unlock
All with full timestamps and your timezone.
If you've brought the device directly from Oneplus (now that we can do this), they could even tie this to your name.
My conclusion is that as much as I don't like this - and it's probably enough to cause me to not buy another Oneplus phone - I don't trust that most the other manufacturers to not be doing the same thing. (I'd guess not Apple or Google, but the rest..????)
The real problem is even now knowing this is happening, how many non-tech people are actually able to stop it? Pretty much nobody.