OnePlus mobiles are phoning home rather detailed information about handsets without any obvious permission or warnings, setting off another debate about what information our smartphones are emitting.
Software engineer Christopher Moore discovered that the information collected included the phone’s International Mobile Equipment Identity, phone numbers, MAC addresses, and mobile network among other things. Moore further found that his OnePlus 2 was sending information about when he opened and closed applications or unlocked his phone to a domain at net.oneplus.odm.
MAC randomization: A massive failure that leaves iPhones, Android mobes open to tracking
OnePlus, for the uninitiated, is a Chinese smartphone manufacturer that specialises in developing and marketing Android phones, recently launching a higher-end model. Its earlier models gained a lot of cachet from their by-invitation-only status.
Responding to queries from The Register, OnePlus offered a statement explaining that it was collecting “analytics” not shared with third parties:
The code responsible for this data collection is part of the OnePlus Device Manager and the OnePlus Device Manager Provider.
Privacy-focused users have the option of stopping these data collecting system services every time they boot the phone or removing these via ADB (Android Debug Bridge utility), a process that wouldn’t require an initial rooting of the device.
Apple dodges data privacy sueball: Fanbois didn’t RTFM*, says judge
Moore first published his findings months ago, but the issue touched off a public debate this week on the Android subreddit. ®