OnePlus Phones Have an Unfortunate Backdoor Built In

手机数码 Wired (源链)

OnePlus smartphones have
developed a bit of a cult following, thanks to a combination of design and affordability
that few other Android handsets match. But OnePlus has also experienced some notable privacy and security issues, including a recent admission
that it was collecting a sketchy amount of user data on its corporate servers. Now, a French security researcher has published evidence that nearly every OnePlus phone model comes pre-loaded with a factory testing app that essentially acts a backdoor, potentially granting hackers full access to your device. Whoops!

The Hack

It turns out that every OnePlus model, except the original OnePlus One, has an application called “Engineer Mode” buried in its operating system. The app appears to be a development and factory testing tool, and can be used for things like GPS checks and hardware scans. These types of tools are common, but generally disabled or removed before devices ship to consumers; otherwise their power and operating system privilege could be abused. In this case, while Engineer Mode isn’t immediately accessible from the user interface, it doesn’t take that much software probing to access it, and from there some simple commands could give an attacker root access to almost any OnePlus. The tool is a customized version of a Qualcomm app that contains the backdoor, protected with a hard-coded password.

“It’s not good. In theory, this kind of app must be removed from the final release,” says Robert Baptiste, the firmware analysis researcher who discovered the flaw. “But [that] adds another operation in the factory, which costs time and is always complicated. So sometimes—often—companies decide to keep this app. Security by obscurity is a common practice.”

Unfortunately, OnePlus didn’t obscure its Engineer Mode quite enough.

Who’s Affected?

OnePlus has sold millions of smartphones, and most of them are currently threatened by Engineer Mode. One plus owners can go to Settings
, then Show System apps
to check whether Engineer Mode is installed, and then delete it.

The tool can give an attacker total power over a device, but it also has real limitations. Baptiste and others point out that attacks exploiting the app requires physical access to a given device. OnePlus noted the same in a statement Tuesday, saying that Engineer Mode won’t grant full root privileges to third-party apps, ruling out more virulent remote attacks.

“EngineerMode is a diagnostic tool mainly used for factory production line functionality testing and after-sales support,” OnePlus says. “Any sort of root access would still require physical access to your device. While we don’t see this as a major security issue, we understand that users may still have concerns and therefore we will remove the adb root function from EngineerMode in an upcoming [software update].”

How Serious Is This?

Researchers emphasize that while the Engineer Mode flaws aren’t an apocalyptic crisis, they still represent a major overlooked security lapse. And while OnePlus’s upcoming fix should reassure users, some believe the episode hints at a larger potential problem with the company’s security screening and device vetting processes.

“This isn’t really a horrible situation, it will be an easy fix,” says Tim Strazzere, a researcher with the mobile security group RedNaga. “This is, however, indicative of their security posture and quality control. Maybe they’re all patched up for generic issues, but for any device/manufacturer specific issues, they likely have more. So, personally, I’d be looking to see how they respond to this and what other issues are on this device. Where there is one, there are often many more.”

Given that OnePlus doesn’t “see this as a major security issue,” it’s an open question as to whether the company will learn from the mistake and take more extensive precautions in the future. OnePlus owners should check their devices for Engineer Mode and call on the company to prioritize avoiding this type of flaw. And other manufacturers should take note as well.

“They suck, this is sure,” Baptiste says of OnePlus’s security, “but we can find this kind of thing in every firmware.”

您可能感兴趣的

Android 7.0底层,一加正式推送氢OS 3.0系统... 一加开始正式向一加手机3与一加手机3T推送氢OS 3.0系统,位于北京、湖北、广东三个地区的玩家将优先收到对应的OTA,其余地区的玩家则要需要等待稍后的全国推送。与之前的氢OS 2.0相比,氢OS 3.0的底层将升级为Android 7.0,并与同时期的氧OS 4.0实现底层统一,也就是之前一...
一加5T详细配置遭泄露:8G大运存+骁龙835CPU... 原标题:一加5T详细配置遭泄露:8G大运存+骁龙835CPU 已确定本月底发布的一加5T,这段时间可谓是被曝的”一丝不挂“,前有一位法国妹子拿出真机上手的视频,这不,GFXBench网站又给我们带来了一加5T详细硬件配置信息。 一加5T详细配置(图源: GFXBench) ...
OnePlus 5 getting update with latest security patc... OnePlus is pushing out a new update to its flagship. TheOnePlus 5is now receiving an OTA for OxygenOS 4.5.7. You won’t be getting a new version of An...
OPPO R11s突然开启预热:或将是一加5T/6的模具... 原标题:OPPO R11s突然开启预热:或将是一加5T/6的模具 今晚(10 月 22 号),OPPO 突然正式宣布了旗下的新机——R11s,而且还是用了一种比较特别的方式,OPPO 包下了北京、上海、沈阳、重庆、深圳、长沙、苏州、成都和广州九大城市的地标建筑,并且打下了不同的广告语,以突出 R1...
流畅度翻番!一加3/3T确认年底升级安卓8.0... Android O(安卓8.0)正在紧张开发之中,除了Pixel/Nexus等“亲儿子”将首批升级,索尼、诺基亚、一加、HTC等都宣布了推送更新的计划。 昨日,一加在Reddit的AMA(ask me anything)中回答了网友的疑问, 表示,一加3/3T基于Android O的系统...
Wired责编内容来自:Wired (源链) | 更多关于

阅读提示:酷辣虫无法对本内容的真实性提供任何保证,请自行验证并承担相关的风险与后果!
本站遵循[CC BY-NC-SA 4.0]。如您有版权、意见投诉等问题,请通过eMail联系我们处理。
酷辣虫 » OnePlus Phones Have an Unfortunate Backdoor Built In



专业 x 专注 x 聚合 x 分享 CC BY-NC-SA 4.0

使用声明 | 英豪名录