OnePlus privacy shock: So, the cool Chinese smartphones slurp an alarming amount of data OnePlus mobiles are phoning home rather detailed information about handsets without any obvious permission or warnings, setting off another debate about what information our smartphones are emitting. Software engineer Christopher Moore discovered that the information collected included the phone's International Mobile …
* It's worth noting that iPhones no longer send Wi-Fi hotspot and mobile tower data when location services are switched off – since Apple's 4.3.3 version of iOS, when it fixed the bug.
And now we are on iOS 11.0.3.
I guess Apple is now in El Reg's good books for once?
What No?
Ok, business as usual then.
"net.oneplus.odm" isn't a domain. The domain here is "oneplus.net". It's a java package name, which includes the OnePlus domain name in reverse. It's the OnePlus Device Manager. Referring to "net.oneplus.odm" as a domain is a mistake on the part of the article's author. The actual domain receiving the analytics data is "open.oneplus.net".
Well, TBH I'm not entirely sure that Google or Apple are securing their streams in any such way. You know, like when their default soft keyboards send home litterally everything you type. Before I switched to Hacker Keyboard, Google keyboard was frequently the app which used the most mobile data on my phone... which tells a lot about both mobile OS vendors and my level of secludedness !
When I reluctantly went from a Windows 640 to the One+ 5 recently I assumed that I was selling my privacy to Google in choosing an Android. To find that On+ are grabbing some of the data too is no more than a minor annoyance.
However, the underlying assumption, that it's OK that anyone providing a phone or operating system can take the right to spy on what that phone/user does is the more worrying aspect. You wouldn't buy a house with the option that Bob can come round and watch you in the bath if he wanted to. Or, so far at least, a car that told Ford/Toyota/Insurance company/.. where you were driving to and how long you stayed there.
Even the geeks stayed on stock Oxygen if they wanted to use Android pay, banking apps and stream tv content without having to jump through moving hoops.
From what I understand Android pay now recently works with Lineage but information is all over the place.
The sucking up of personal data by OnePlus and all the other companies is beyond silly now. The fact you can't turn off their second data slurping stream with an app or setting and have to run ADB commands means the majority of cheap phone buyers won't bother doing it, even if they want the data slurping to stop.
some of us actually have a life.
Get NoRoot Data Firewall app. Activate the firewall and select block everything and leave out the ones you do want internet. You can also give the apps permission for 5mins or 1hour to connect to the internet when the apps ask for internet.
With this at the very least, you'll have the power to choose when your phone will send data.
Wait, Bob *can't* just watch me in the bath whenever he wants?
Google to the rescue - you could even share it with more people than just Bob..
:)
I didn't have to get a restraining order on Bob, after he tried peeking in my window during bath time & the screaming stopped, he's taken out a restraining order on ME. Now he refuses to peek in my window any longer, claiming there isn't enough MindBleach in the multiverse to scrub "the horror" from his mind.
What has been seen can not be unseen Bob, MUH Hahahahahahahhhahhhahahhahhha!
That's funny, because in other places it's reported that the data collection cannot be disabled permanently, only until you restart the phone. Unless you take the time to uninstall the thing through ADB...
"Unless you take the time to uninstall the thing through ADB"
ADB is unfortunately not always capable of disabling unwanted junk on your phone.
I've got an el cheapo Alcatel Pixi with OEM bloatware installed which *can't* be removed via adb unless you root your phone. Default user via adb doesn't have sufficient permissions to remove the unpleasant apps, and "su" is unsurprisingly not present in the shell when you connect via adb.
Given that I use the device as an mp3 player, have never put a sim in it and won't be connecting it to wifi, the bloatware on my device doesn't really matter to me because it can't phone home, but I won't stand for that rubbish on a device I'm using as a smartphone.
"Given that I use the device as an mp3 player, have never put a sim in it and won't be connecting it to wifi,"
Thats a bit weird. Why don't you use your normal phone as an mp3 player? Do you really carry two phones around? One to use as an mp3 player? One to use as a phone? Really? I mean, really? Thats what you do?
You may have said no thanks in the initial setup wizard. I did nut its on now as I am in their preview release program so help test stuff by getting firmwares early and have it all turned on so the know issues and stuff. I don't mind at all knowing that information will be sent to them to help with this. It's a choice, though, and I think that any information about you and your use of their devices should be by choice. It's like hotpoint saying they need to come look at your skimpies on the washing line without your approval so that they can see what you have been washing....
Yes it is pretty standard. I turned this stuff off on my Android handset long ago, and its predecessor.
I recently upgraded this laptop to Sierra which means Siri! Except, I looked at what I would have to release for Apple to slurp in exchange and went 'no bloody thanks' so Siri remains off. Startpage does me well enough and typing is less subject to misinterpretation than voice instructions.
I've got a Chinese brand smartphone. I don't notice it, but presume that it will do exactly what Microsoft, Apple and Google do, and send data home. As a personal phone I'm not too worried what the People's Liberation Army collect, because it isn't used for serious web browsing, and it isn't used for business purposes. If the PLA have got the time to worry about where I go, and the texts I exchange with the family, then I'll have usefully tied up some of their resources, and they'll be very bored indeed.
That's exactly the attitude that repressive governments want you to have.
What, like the UK government with all their shitty snooping laws? I'm in the UK, so I'd far rather that the Chinese government were poking their nose into my business than my own government. I'd prefer that nobody did, but since there's no mileage and no leverage for the Chinese (or other non-Western governments) they are preferrable to my own government or its allies choosing that they should have my data.
Obviously, if I were doing a role that the Chinese were interested in, then I wouldn't be using a Chinese designed phone (although arguably, in that situation I shouldn't even have any smartphone).
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
