New Delhi: The Chinese smartphone manufacturer OnePlus has allegedly been accused of collecting information of users without their consent from their devices. The allegations have been made by one Christopher Moore, a software engineer, in his blogpost.
The post says that OnePlus has been collecting data through phone’s IMEI, phone numbers, MAC addresses, mobile network names, phone’s serial number and wireless network’s ESSID and BSSID.
Earlier, there have been reports on OnePlus manipulating benchmarks and incorrect mounting displays but this time around.
He writes, “ Amongst other things, this time we have the phone’s IMEI(s), phone numbers, MAC addresses, mobile network(s) names and IMSI prefixes, as well as my wireless network ESSID and BSSID and, of course, the phone’s serial number. Wow, that’s quite a bit of information about my device, even more of which can be tied directly back to me by OnePlus and other entities. It gets worse.”
As per Moore, he came across this new development while participating in the SANS Holiday Hack Challenge decided to check the internet traffic from his phone OnePlus2 2.
He used OWASP ZAP, a security tool which tracks web applications. Interestingly, he found HTTPS requests being sent to a domain called open.oneplus.net.
Reacting to the accusations, OnePlus said in a statement that the practice is followed in order to enhance its software based on user behaviour and provide better after-sales support.