OnePlus to fix backdoor root access issue via a software patch

By Shubham Sharma | Published on 15 Nov 2017
HIGHLIGHTS
  • The Engineering Mode app on the OnePlus 5, Oneplus 3 and 3T smartphones can be used to obtain root access without unlocking the bootloader. The company says its not a threat but will remove the root method from the app

OnePlus to fix backdoor root access issue via a software patch
OnePlus to fix backdoor root access issue via a software patch

A few days ago, OnePlus was accused of intentionally leaving a backdoor root access (via the EngineerMode apk) on the OnePlus 5, OnePlus 3 and the OnePlus 3T, which can be exploited to obtain root access to the devices. The company’s CEO Carl Pei responded to the issue saying that the company would look into it. Now though, the company has confirmed in a blog post that gaining root access functionality via EngineerMode apk will be removed from the aforementioned OnePlus phones through an upcoming OTA update.

In the blog post, OnePlus explains the EngineerMode apk, and states that it is a diagnostic tool, which is mainly used for “factory production line functionality testing” and after sales support. The company claims that even though the EngineerMode app grants escalated privileges using adb commands, it will not allow full root privileges to third party apps. 

The post further clarifies that obtaining root access via adb is only possible through USB debugging mode turned on. This is turned off by default. It adds that obtaining root privileges will require physical access to the device. OnePlus believes it's not a major issue, but they have promised to remove the adb root function from EngineerMode in the upcoming OTA update. 

To recall, the issue started when a developer discovered that certain OnePlus phones can be rooted without even unlocking the bootloader. The developer claims that launching 'DiagEnabled' activity associated with the Engineering Mode app with the correct password grants root privileges to users. The ‘Engineering Mode’ is meant for factory testing devices and ensuring that they are working properly. The app is reportedly pre-installed on the OnePlus 3, OnePlus 3T and the Oneplus 5. 

Last month, OnePlus also faced user backlash for collecting their personal data like IMEI numbers, serial numbers, app usage statistics and more. The company responded by saying that the collected data is used for improving their services and users have an option of opting out. 

logo
Shubham Sharma

Interested in tech, gaming, cyber-security, anime, and more

email

Advertisements

Trending Articles

Advertisements

LATEST ARTICLES View All

Advertisements

Hot Deals View All

Samsung Galaxy M31 (Ocean Blue, 8GB RAM, 128GB Storage)
Samsung Galaxy M31 (Ocean Blue, 8GB RAM, 128GB Storage)
₹ 16999 | $hotDeals->merchant_name
Redmi 9A (Sea Blue, 3GB Ram, 32GB Storage) | 2GHz Octa-core Helio G25 Processor
Redmi 9A (Sea Blue, 3GB Ram, 32GB Storage) | 2GHz Octa-core Helio G25 Processor
₹ 7499 | $hotDeals->merchant_name
Redmi 9 Prime (Matte Black, 4GB RAM, 128GB Storage) - Full HD+ Display & AI Quad Camera
Redmi 9 Prime (Matte Black, 4GB RAM, 128GB Storage) - Full HD+ Display & AI Quad Camera
₹ 10999 | $hotDeals->merchant_name
Redmi Note 9 Pro Max (Interstellar Black, 6GB RAM, 64GB Storage) - 64MP Quad Camera & Alexa Hands-Free Capable
Redmi Note 9 Pro Max (Interstellar Black, 6GB RAM, 64GB Storage) - 64MP Quad Camera & Alexa Hands-Free Capable
₹ 14999 | $hotDeals->merchant_name
DMCA.com Protection Status