<Thread> Hi @Oneplus
! Remember me? Let's talk about another debug app you left in your device.
OnePlusLogKit is a system application which allow you to do a multitude of things: get wifi logs, nfc logs, gps logspic.twitter.com/HvnErm8rXg
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Or if persist.sys.assert.panic is set to true, the RecordNmeaService is launched. This service will create a file which store the history of your locationpic.twitter.com/w1jnlkiUsV
How easy is it to trigger this? 1. Tap *#800# in the dialer 2. Click on "Get Wireless log" 3. Done! You are in the OnePlusLogKit app. You can also send the intent: adb shell am start -n com.oem.oemlogkit/.OneClickLogKitMainActivity
Of course, all the logs are stored unencrypted in /sdcard/oem_log/pic.twitter.com/YOQbNsE7PE
To activate this recording all the time even after a reboot: 1. Tap *#800# in the dialer 2. Click on the "Assertion Toggle" button
This GrabOtherActivity is capable of dumping the media databases aka all your videos, imagespic.twitter.com/8C5uS87ePC
The decompiled source code of the OnePlusLogKit is available. Feel free to dig into it and share what you find https://github.com/fs0c131y/OnePlusLogKit …
So if I summarise: 1. By dialling a number and clicking on a button everybody can record your media, BT logs, Wifi logs, GPS logs,... 2. All this stuff are stored unencrypted in the sdcard 3. Any apps with the READ_EXTERNAL_STORAGE can read these files
cc @AndroidAuth @AndroidPolice @androidcentral @androidandme @Androidheadline @AndroidPolice @xdadevelopers @AndroidSPIN @Gadgets360 @TheHackersNews @verge @CNET @VICE @WIRED you can update/write your article
As far as I know, this logging is disable by default BUT any system apps (and there is plenty @OnePlus apps in the phone) can enable it. They only need to set persist.sys.assert.panic to 0 to log the location for example.
It's also possible that the files created by OnePlusLogKit are read and send to China by another @OnePlus app.
There is more. OnePlusLogKit is using another @OnePlus system application called LogKitSdService. This simple application is a only a service.pic.twitter.com/CNcGHAiGWf
This service is able to receive commands and make file operationpic.twitter.com/mB4pAIKf6j
The decompiled source code of the OnePlus LogKitSdService app is available: https://github.com/fs0c131y/LogKitSdService …
There is also a binary called oemlogkit located in /system/bin/ and it seems to do a LOT of stuffpic.twitter.com/hCFipXIwz2
If some of you want to join the party and give a help, the oemlogkit binary is available: https://github.com/fs0c131y/OnePlusBin/blob/master/oemlogkit …pic.twitter.com/AYtahjTavF
Coverage of the story by @BleepinComputerhttps://www.bleepingcomputer.com/news/security/second-oneplus-factory-app-discovered-this-one-dumps-photos-wifi-and-gps-logs/ …
I'm starting to consider a custom ROM right now tbh.
Me too. @LineageAndroid has some nightly builds ready. I've been told they're pretty stable but I'm hesitant. This whole story makes me prefer instability over insecurity or loss of privacy.
https://wiki.lineageos.org/devices/cheeseburger …
The problem would be that I would loose the ability to use apps that require the SafetyNet check to pass. And as I want to use the app of my bank, Netflix and Android Pay I don't really want to loose that ability..
I'm not sure as I haven't tried it. But shouldn't @LineageAndroid pass the SafetyNet check if you don't root the device?
As you have to unlock the bootloader probably not. And isn't @LineageAndroid rooted by default? I remember that CyanogenMod was.
Oh, I didn't know what is checked by the SafetyNet thing, but no, Lineage isn't rooted by default, you have to manually install the LineageOS su add-on.
I installed Lineage on my old phone today and it passes the SafetyNet check even with root (using Magisk). But I also read that it differs from phone to phone and that it works better on older phones. I hope someone will try it out on the OP5 as I don't really want to risk it..
understandable, thanks for the feedback! If I come around to root a OP5 I'll let you know.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.