OnePlus Backdoor Update: This Was No Secret
There's an update on the latest nonsense within OnePlus smartphones with regard to end-user personal privacy. This week OnePlus devices were discovered to have a relatively simple way to root and gain access with a simple APK. This APK was called EngineerMode, and it in itself is not all that uncommon. In fact, there's a distinct possibility that your device – regardless of brand – has an EngineerMode within it. The difference with the OnePlus app – in at least the OnePlus 3, 3T, and 5 – is that this app can relatively easily root the device – which, as we know, offers the user any access they like.
The app comes from Qualcomm.* There's a different EngineerMode app in a large number of devices – HTC, Samsung, LG, Sony, Huawei, Motorola, and others. It all depends on the way the end manufacturer decided to implement Android – and whether or not to include or remove certain functionality from the EngineerMode app.
THIS IS THAT: OnePlus preinstalls app that can be used as a backdoor
Some devices have the app called EngineerMode, others call it Service Mode. There might also be other names for the app – but we've yet to find them. The point here is that the secret was never the EngineerMode app – that app's been in Android phones forever. The oddity here is that this EngineerMode app in OnePlus devices did not remove a root switch.
When the official response from OnePlus says "an apk found in several devices, including our own," they're being polite in saying how absurd it is that the app itself is being called out as unique to OnePlus. As OnePlus representative OmegaHsu said, "EngineerMode is a diagnostic tool mainly used for factory production line functionality testing and after sales support."
The OnePlus full statement is included above. As is generally the case with any news that has ROOT in it, this one was blown quite a bit out of proportion – based on the information we have now. IF we find that this app actually gave permissions remotely, or that the root access could have been acquired without USB debugging switched on, there'd be trouble.
For now, just don't go leaving your OnePlus device in a den of hackers – and wait for that update.
*UPDATE: Qualcomm code security developers have responded to the situation. Apparently whatever they provided OnePlus, the folks at OnePlus changed – significantly.
But wait! There's more!
Wait, though. Wait just a second. There's another app that makes the first app feel a little bit more nefarious. This app is called OnePlusLogKit, and it most certainly is NOT included on a whole bunch of non-OnePlus phones. This app is capable of capturing Wi-Fi logs, NFC logs, Bluetooth logs, and GPS location logs. This app can also access modem signal and data logs, hot and power issue logs, and more.
The OnePlusLogKit app is clearly made for engineers to log the goings-on in a OnePlus device to diagnose a problem. That would be fine, but the app isn't something that should be opt-out. This app should not be on the device right out the box.
Luckily, if you believe you may have left your OnePlus device out in the open and there's a CHANCE you've been the victim of a villain, this app can also delete said logs. To access the app, go into the phone app's dialer and dial *#800#. The app should open, and you'll want to head to OnePlusLogKit – Delete history log. There you'll also see all the logging abilities, too.
We'll expect that this app will be wiped out by OnePlus with the next update too – but then there's also this data collection along with the most recent OnePlus response. It should be clear at this point that OnePlus isn't completely clear on what might constitute an alarm for personal privacy in their various smartphones. As soon as we get a OnePlus 5T, we'll be checking its innards out too.