OnePlus models collecting usage data

OnePlus phones, from OnePlus 2, are collecting data without user permissions. Along with all scandls OnePlus had, like cheating on benchmark tests, reboots on emergency calls as wrong display placements, Chinese company is again under pressure.

Software engineer Christopher Moore started proxying all the data on his OnePlus 2 and found out there was data flow pointing to open.oneplus.net over HTTPS protocols, and they were rerouted to Amazon Web Services in the USA.
He decrypted that data and discovered attached informations about phone locks and unlocks, as abnormal phone resets. Looking at the data for a longer period he also saw attached informations that contain IMEI number, MAC adress, phone serial number, Wi-Fi SSIDs, IMSI prefixes, etc…

Reaching out to OnePlus, company stated that ''They securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which they collect in order for them to more precisely fine tune their software according to user behavior. This transmission of usage activity can be turned off by navigating to ‘Settings’ -> ‘Advanced’ -> ‘Join user experience program’. The second stream is device information, which they collect to provide better after-sales support.'

OnePlus System Service was responsible for this, which cannot be permanently shut down because it is system process, but recently Jakub Czekański wrote on his Twitter account that you can permanently block this by typing ‘pm uninstall -k –user 0 net.oneplus.odm’ on Android Debug Bridge.

Source