<Thread> Hi @ARCHOS
! Let's discuss a backdoor found in the EngineerMode app on the @ARCHOS 40 Power phonepic.twitter.com/RY5Yxw02zL
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
A root procedure implemented by the phone maker without the knowledge of the user is a backdoor...
Not sure you really understand the thing here. As said in the tweet this is a partial result but it clearly shows that @ARCHOS has a way to root the device.
The main hypothesis here is that this flag is set by another @ARCHOS system app. I will continue to dig to find how to trigger this procedure
Time to say a prayer for all those all-winner devices running that "rootmydevice" piece of code : https://github.com/allwinner-zh/linux-3.4-sunxi/commit/e8bb679bbb18b90174381bea0e643eb81a92030b … 
is it a functino to root the device? it sounds more like a tamper flag set when root is detected. Of course OEMs can root devices, they all have a way if they want
Yep it sounds like an internal root flag, I just want to check where this flag is set :). Ofc they can. I'm just asking them to remove that in the user build :)
not really possible, I mean they control the certificates, OEM can always gain greater privs
Yes sure, if you signed your app with the platform certificate you can do whatever you want. A good start for OEM will be to remove these "easy root ways".
You will see what I mean when I will publish what I found on the Blu Vivo 8 :)
Cough adups root backdoor
There is more :)
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.