OnePlus has issued a statement regarding the presence of a backdoor in the form of the ‘EngineerMode’ apk in the OxygenOS operating system.
A staff member by the name OmegaHsu who is part of the OxygenOS Team posted a blog post on the OnePlus Forums clarifying things. The staff member stated that the company has received ‘a lot of questions’ ever since the discovery was made.
As stated in the post, EngineerMode is a diagnostic tool that is used for testing ‘factory production line functionality’ in addition to the after-sales support. The company admitted that the tool ‘can enable adb root’ which in turn gives privileges to carry out adb commands. However, OnePlus clarified that EngineerMode apk does not let access of full root privilege to any third-party app as feared.
The company went out to state the scenarios of such a scare adding that a user or a cybercriminal can only get adb root access if USB debugging is on and if the person trying to get root access has physical access to your smartphone. OnePlus does not enable USB debugging and it is disabled by default.
OnePlus stated that the company does not see this ‘as a major security issue’ but considering that users have a concern about their privacy and the safety of their data, the company will roll out an OTA to remove the ‘adb root’ functionality from the ‘EngineerMode’ apk.
This statement comes a day after it was reported that OnePlus has left a back door in its system and anyone who knows what they are doing, can get root access to their device with a simple command.
Updated Date: Nov 15, 2017 09:19 AM