November 15, 2017 // 11:29 a.m.
Owners of any OnePlus smartphone model bar the original OnePlus One are at risk of attack, a security researcher has warned, following the discovery of a back-door which can be used to gain full root access to the system.
The issue was first disclosed by pseudonymous security researcher 'Elliot Alderson', a fan of the TV drama Mr. Robot, via Twitter: The pre-installation on all OnePlus handsets bar the very original OnePlus One of a Qualcomm-produced diagnostic application dubbed EngineerMode. While present on all handsets regardless of software revision, the tool was hidden from view and visible only when viewing the list of installed software with the optional 'system' category selected. While designed primarily to allow for diagnostic testing and typically accessed through a secret dialler code, the tool also contains the ability to elevate privileges to the level of the root user - allowing ne'er-do-wells to take over a system using the password 'angela,' itself seemingly taken from Mr. Robot.
A write-up of 'Alderson's' findings by security firm NowSecure offers some reassurance to users: 'At this time, the exploit is most useful to an attacker with physical access to a OnePlus device or an owner looking to root their own device,' the company explains, referring to the fact that use of the tool's privilege-escalation capabilities requires physical access to the handset and the USB Debugging setting being switched on. 'Alderson', however, claims the flaw is exploitable purely in software, promising to release a one-click app which can root any OnePlus handset affected by the flaw with no physical access required.
OnePlus itself has issued a statement on the matter, claiming that the flaw does not represent 'a serious security issue' and that the ability to elevate privileges will be removed from the application in a future software update - though the application itself will remain installed. Users, however, have been asking questions about exactly what else the EngineerMode utility can do, following the discovery that the utility has been transferring data to and from handsets even when it should in theory be dormant - an issue OnePlus has yet to address.