<Thread> Hi @Oneplus! Remember me? Let's talk about another debug app you left in your device.
OnePlusLogKit is a system application which allows you to do a multitude of things: get Wi-Fi logs, NFC logs, GPS logs pic.twitter.com/HvnErm8rXg
To activate this recording all the time even after a reboot: 1. Tap *#800# in the dialer 2. Click on the "Assertion Toggle" button
This GrabOtherActivity is capable of dumping the media databases aka all your videos, images pic.twitter.com/8C5uS87ePC
The decompiled source code of the OnePlusLogKit is available. Feel free to dig into it and share what you find https://github.com/fs0c131y/OnePlusLogKit …
So if I summarise: 1. By dialling a number and clicking on a button everybody can record your media, BT logs, Wi-Fi logs, GPS logs,... 2. All this stuff is stored unencrypted on the sdcard 3. Any apps with READ_EXTERNAL_STORAGE can read these files
cc @AndroidAuth @AndroidPolice @androidcentral @androidandme @Androidheadline @AndroidPolice @xdadevelopers @AndroidSPIN @Gadgets360 @TheHackersNews @verge @CNET @VICE @WIRED you can update/write your article
As far as I know, this logging is disabled by default BUT any system app (and there are plenty of @OnePlus apps in the phone) can enable it. They only need to set persist.sys.assert.panic to 0 to log the location for example.
It's also possible that the files created by OnePlusLogKit are read and sent to China by another @OnePlus app.
There is more. OnePlusLogKit is using another @OnePlus system application called LogKitSdService. This simple application is only a service. pic.twitter.com/CNcGHAiGWf
This service is able to receive commands and make file operations pic.twitter.com/mB4pAIKf6j
The decompiled source code of the OnePlus LogKitSdService app is available: https://github.com/fs0c131y/LogKitSdService …
There is also a binary called oemlogkit located in /system/bin/ and it seems to do a LOT of stuff pic.twitter.com/hCFipXIwz2
If some of you want to join the party and give some help, the oemlogkit binary is available: https://github.com/fs0c131y/OnePlusBin/blob/master/oemlogkit … pic.twitter.com/AYtahjTavF
Coverage of the story by @BleepinComputer https://www.bleepingcomputer.com/news/security/second-oneplus-factory-app-discovered-this-one-dumps-photos-wifi-and-gps-logs/ …
I have a OnePlus 5, no sd card. Am I immune to the logs being written to public access?
No! There is a virtual sdcard
Shit. Custom ROM here I go.. Thanks for unveiling all of this, you rock.
And it would take GBs of space