The Shenzhen based Chinese smartphone manufacturer has been collecting data from individual’s phone without permission, and the users are not happy. All of us know that every phone gathers information on its user, but OnePlus fails to understand how much is too much.
Engineer Christopher Moore found out about the OnePlus software collecting user data on the OnePlus 2 during a Hack Challenge which was later sent out in a report. During the said challenge, Moore started to proxy the internet traffic from his OnePlus 2 using OWASP ZAP. It is a free security tool used for finding security vulnerabilities in any web applications.
The smartphone company is collecting a long list of data which includes: IMEI numbers, phone number, MAC addresses, IMSI prefixes, serial number, mobile network names, when a particular user launched/closed an app, screen on/off time, time when user locked or unlocked their phone, and more such date. It has undoubtedly become greedy with data collection.
“We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine-tune our software according to user behavior. This transmission of user activity can be turned off by navigating to Settings. The second stream is device information, which we collect to provide better after-sales support.” OnePlus stated in response to a statement by the Android Police.