PS Canada Announces PlayStation 4 Pro Black Friday Bundles & More
Vivo V7 With 24-megapixel Selfie Camera Lands In India
Android Oreo In Only 0.3% Active Devices; Marshmallow Remains Popular
Honor 7X cuts bezels in budget Android
Marvell suits up well for growing chipmaker wars
OnePlus phones include an easily exploitable backdoor
15 November 2017, 12:25 | Patty Hardy
OnePlus left a backdoor in its devices capable of root access
An apparent factory cockup has left many OnePlus Android smartphones with an exposed diagnostics tool that can be exploited to root the handsets.
Dubbed "EngineerMode" the tool has been designed as an easy way for phone makers to test the hardware on their devices. According to a Twitter user Elliot Alderson, some of OnePlus devices come with EngineerMode APK app pre-loaded on them, which acts as a backdoor, giving people root access without the need for unlocking the phone. This app is used by OnePlus to ensure that a device is working properly before it leaves the factory.
A potentially risky backdoor in multiple OnePlus devices has been just unearthed by a knowing developer, revealing a hidden app that can be potentially used to gain root access and take control over the device.
More Sunshine, Warmer Monday
But, our Pinpoint Weather team will be watching the system all week to make sure we don't have to add in accumulation. Overall a fantastic fall week of weather as days will feature more sunshine than clouds, and nights clear and chilly.
The app, called EngineerMode, is not normally seen unless you ask to see the device's system apps. With root access, an attacker could change just about anything about the device's software. It is actually a modified version of a testing application created by Qualcomm. The application was present on several models of OnePlus devices including OnePlus 3, OnePlus 3T and OnePlus 5. Check the name of native library used to check the code: door...
Still, the presence of the app brings into question OnePlus' security protocols. Once the app was decompiled, a password was still needed for the app so that it would give root access to devices. The company already drew criticism earlier this year over its onerous data collection practices, in which the company sucked up sensitive data from user devices and transmitted that information with each device's serial number attached. It is also possible to delete the app once it is discovered.
In a statement to Android Authority, OnePlus said "We securely transmit analytics in two different streams over HTTPS to an Amazon server".
Colin Kaepernick named GQ's Citizen of the Year
Back in August, NFL Hall of Famer Jim Brown let it be known he wasn't a fan of Colin Kaepernick kneeling during the U.S. Although a better quarterback than many of his peers, no National Football League team has signed him.
Bill Gates invests $50 million to fight Alzheimer's
The Microsoft co-founder said the donation to the Dementia Discovery Fund is personal and not through his charitable foundation . He added that the Gates Foundation might consider how to expand access in poorer countries when treatments are developed.
IPhone X Plus Launch Date Set For 2018
The iPhone 8 is expected to see a 50-60% decline this quarter thanks to consumer preference for the iPhone 8 Plus and iPhone X. Both the 64GB and 256GB versions have been affected and this is the same for both Silver and Space Grey devices.