Maybe OnePlus follows their users
Recently we wrote that from the official website of OnePlus company stole bank card data of 40 thousand users. And today, on the Internet, information has appeared that the company collects user data and sends it to China.
What is known
One French security researcher (as it is written in his profile) with the name Elliot Alderson wrote on his Twitter that he found a suspicious file called "badword.txt" in the beta version of OxygenOS. He was lying in the application for the clipboard.
The @OnePlus #clipboard app contains a strange file called badword.txt
- Elliot Alderson (@ fs0c131y) January 25, 2018
In these words, we can find: Chairman, Vice President, Deputy Director, Associate Professor, Deputy Heads, General, Private Message, shipping, Address, email, ... https://t.co/ePQvD1citn pic.twitter.com / 3dCh0joVkH
In "badword.txt" there were many different words: address, email, home, birthday, private message, shipping, etc. But the most suspicious is that this file was in the encrypted Android TeddyMobile library.
TeddyMobile is a Chinese company that identifies phone numbers using SMS messages. On the official site you can see a list of partners: Vivo, Oppo and other Chinese smartphone manufacturers.
Elliot provided a screenshot of the code, which shows that TeddyMobile collects user data: IMEI phones, addresses and even bank card numbers.
In the dry residue
It is difficult to answer for the reliability of all this information. Yes, and the company OnePlus keeps silence. But this whole situation can greatly damage the reputation of the Chinese manufacturer of smartphones.
