Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Monday October 16 2017, @03:52PM   Printer-friendly
from the just-taking-after-the-leaders dept.

Submitted via IRC for Bytram and SoyCow1937

OnePlus mobiles are phoning home rather detailed information about handsets without any obvious permission or warnings, setting off another debate about what information our smartphones are emitting.

Software engineer Christopher Moore discovered that the information collected included the phone's International Mobile Equipment Identity, phone numbers, MAC addresses, and mobile network among other things. Moore further found that his OnePlus 2 was sending information about when he opened and closed applications or unlocked his phone to a domain at net.oneplus.odm.

OnePlus, for the uninitiated, is a Chinese smartphone manufacturer that specialises in developing and marketing Android phones, recently launching a higher-end model. Its earlier models gained a lot of cachet from their by-invitation-only status.

[...] Privacy-focused users have the option of stopping these data collecting system services every time they boot the phone or removing these via ADB (Android Debug Bridge utility), a process that wouldn't require an initial rooting of the device.

Source: https://www.theregister.co.uk/2017/10/12/oneplus_privacy_concerns/

According to The Verge,

Chinese smartphone manufacturer OnePlus is collecting data from its users and transmitting it to a server along with each device's serial number, according to security researcher Chris Moore. In a January blog post (which has gained newfound attention this week), Moore detailed how OnePlus devices running OxygenOS record data at various points, including when a user locks or unlocks the screen; when apps are opened, used, and closed; and which Wi-Fi networks the device connects to. That's all relatively standard.

But OnePlus also collects the phone's IMEI, phone number, and mobile network names, so the data sent is identifiable to you personally with little to no effort required, which is what makes this very problematic. According to Moore, the code responsible for the data collection is part of OnePlus Device Manager and OnePlus Device Manager Provider. Moore says in his case, the services had sent off 16MB of data in 10 hours.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by bob_super on Monday October 16 2017, @04:41PM (3 children)

    by bob_super (1357) on Monday October 16 2017, @04:41PM (#583049)

    You need to open an office on one of the US's coast, and then this will be considered perfectly normal business. Spy on the whole world for maximum stock value!
    It helps if you change your name, and get a new one that starts with F, U, M, A, or G...

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 0) by Anonymous Coward on Monday October 16 2017, @04:51PM

    by Anonymous Coward on Monday October 16 2017, @04:51PM (#583051)

    Facebook, Uber, Microsoft, Apple, Google

    ...Right?

  • (Score: 5, Interesting) by Runaway1956 on Monday October 16 2017, @04:59PM (1 child)

    by Runaway1956 (2926) Subscriber Badge on Monday October 16 2017, @04:59PM (#583054) Journal

    Yep. We have pretty invasive monitoring by our own phone companies, but in this case, it's the Chinese. The only difference is, when an American company does it, it's expected, when a Chinese company does it, it's evil. Same story we had with the Russians and Kaspersky antivirus. https://soylentnews.org/article.pl?sid=17/10/13/0510225 [soylentnews.org]

    Some folks may not understand how much spyware is installed on their telephones by their telcos. This article doesn't explicitly name telcos, but it does assert that the malware was installed somwhere in the supply chain, before the customer ever took possession. https://blog.checkpoint.com/2017/03/10/preinstalled-malware-targeting-mobile-users/ [checkpoint.com]

    • (Score: 0) by Anonymous Coward on Tuesday October 17 2017, @08:47AM

      by Anonymous Coward on Tuesday October 17 2017, @08:47AM (#583371)

      For most people the bigger threat is the government of the country they live in than some government in some other country. So I'd be more afraid of using that phone if I were someone in China than if I were a US citizen.

      For similar reasons that's why you might want to get an iPhone if you're living in China. Doesn't matter if the NSA is spying on you if you're stay in China and never leave[1].

      [1] Merely avoiding the USA doesn't mean you're safe. As Kim Dotcom, Snowden, Assange, Roman Seleznev, etc have proven the arm of the US Gov regularly extends further than the USA and to levels lower than "ruler class" (like Saddam, Gaddafi, Assad, Kim) and top executives. That said the Chinese Gov might be more willing to sacrifice a random citizen to the US Gov than the Russian Gov (I'm just going by gutfeel here - e.g. the USA would have to pay less in $$$ or secrets/politics to China to get you).