OnePlus smartphones running on OxygenOs is collecting way more data than it should. Smartphone providers usually collects data like location to improve the services. A recent study on OxygenOs revealed that it is collecting more data than it requires.
Security Researcher Christopher Moore on his latest blog revealed that OnePlus is actively tracking its users and sending this data to its Chinese server’s .
Christopher Moore analyzed the data going out from his OnePlus Smartphone and The Analytic’s module was sending the users,
- User’ phone number
- MAC addresses
- IMEI and IMSI code
- Mobile network(s) names
- Wireless network ESSID and BSSID
- Device serial number
- Timestamp when a user locks or unlocks the device
- Timestamp when a user opens and closes an application on his phone
- Timestamp when a user turns his phone screen on or off , to its Chinese servers.
“It gets even worse. These event data contain timestamps of which activities were fired up in which in applications, again stamped with the phone’s serial number.” Moore said
This same issue was also publicly reported to OnePlus in July last year by another security researcher and software engineer, who goes by the online moniker “Tux,” but the problem got ignored by OnePlus as well as others.
There is no direct fix to stop this data collection. But a twitter user Jakub Czekański @JaCzekanski came up with an idea to fix it without a root access . To fix this one can run pm uninstall -k –user 0 net.oneplus.odm from abd shell after connecting the smartphone to computer with USB Debugging mode turned On.