HomeMobile PhonesOnePlus phones have a backdoor that allows root access

OnePlus phones have a backdoor that allows root access

OnePlus 5 Security

OnePlus has come under some heavy criticism for an application meant for factory testing that’s present in most of its phones. A developer going by the Mr. Robot-inspired name Elliot Alderson on Twitter dug through the app to find that he could gain root access through it.

You can see the application in your OnePlus device by diving into Settings, Apps, Menu, and Show system apps. EngineerMode should be part of the list if you have a OnePlus 3, OnePlus 3T, or OnePlus 5. It’s apparently present in the OxygenOS-running OnePlus One as well, but not the Cyanogen model.

EngineerMode is an app made by Qualcomm which allows OEMs like OnePlus to test if the device is working. Alderson tore through the application to find a ‘DiagEnabled’ activity which allowed the handset to be rooted. He needed a password for this though, which he got with the help of a couple of cybersecurity experts.

Also See: OnePlus 5T gets unboxed ahead of launch

In a weird coincidence, the password turned out to be ‘angela,’ another character from Mr. Robot. Alderson essentially managed to gain root access to the OnePlus phone without actually having to unlock the bootloader. He thinks the company intentionally left the app there as a backdoor.

Others aren’t so sure though, with some believing that it was left there accidentally and this whole thing was an oversight. OnePlus CEO Carl Pei has responded to Alderson by thanking him for the heads up and stating that the company is looking into it.

OnePlus had landed in trouble just last month when it was found to be collecting sensitive data from its users. The brand stopped doing this later on, but this might require a bigger explanation since it could have potentially exposed people to serious security breaches.