OnePlus' Security Flaw Has Finally Been Fixed

CTVTamBui - Aug 16, 2019, 3:00 pm IST


OnePlus is found to have been leaking users’ personal data for years. Fortunately, the company has reportedly fixed this security flaw.

OnePlus, a Chinese smartphone manufacturer has eventually dealt with its users’ personal information leak security flaw that has happened for years ever since OnePlus One was introduced to the public. In June, 9to5Google published a report saying that smartphones of this brand had “unknowingly” exposed sensitive data of hundreds of users for a long period of time. However, not until this security issue was made known to the firm did it start an investigation into the problem.

1
OnePlus has allegedly been leaking users’ personal information for years.

Although OnePlus has made no official statement about the fix, according to a recent report of 9to5Google, the security flaw has been addressed.

The serious flaw in security was detected a month ago in a pre-installed application called “Shot on OnePlus”, which can be found through the Wallpapers selection menu. The app offers a platform where users can upload their photos. Every day OnePlus will select one photo to publicly feature within the app as well as on its website and other users across the globe can use these photos as wallpapers.

2
“Shot on OnePlus” was reported to have a major security flaw.

To get started, users have to be logged in to the OnePlus account using their email address. When uploading a photo to the app, they are required to add a title, a location and a description of the photo. In this way, the app gets information about users’ names, locations, and email addresses and the data was reportedly leaked via the application.

All OnePlus users having “Shot on OnePlus” app on their devices got affected by this security flaw. It is still not clear how long users’ personal information had been leaking through the app, but the leak must have happened for no less than a year. The problem was allegedly due to the weak API (Application Programming Interface), which established a link between the app and its server. According to 9to5Google, OnePlus API is “hosted on open.oneplus.net — can be used by anyone with an access token”.

Next Story

Read More

Heroic Dogs: From A German Shepherd To A Yorkshire Terrier

Features- Aug 20, 2019, 10:26 am IST

Heroic Dogs: From A German Shepherd To A Yorkshire Terrier

There are a lot of stories about dogs risking their lives to defend, protect, and save humans. Loyalty was taken to a whole new level with these war dogs.

Shocking News: The Latest Victim Of Google Images Turns Out To Be Pak PM Imran Khan

Features- Aug 20, 2019, 11:40 am IST

Shocking News: The Latest Victim Of Google Images Turns Out To Be Pak PM Imran Khan

More particularly, when users type ‘bhikhari’ (means beggar) on the search bar of Google Images, they will get a series of pictures of this Prime Minister.

Top Best Camera Smartphones In India On The World Photography Day 2019

Features- Aug 21, 2019, 3:44 pm IST

Top Best Camera Smartphones In India On The World Photography Day 2019

Take a quick look at the 5 best camera smartphones in the Indian market in 2019 to find out what is the most suitable one for yourself.

Reliance Jio And Microsoft Collaborate To Introduce Azure Cloud Platform In India

ICT News- Aug 22, 2019, 1:30 pm IST

Reliance Jio And Microsoft Collaborate To Introduce Azure Cloud Platform In India

Microsoft and Reliance Jio have joined hands to speed up digital transformation by introducing cloud data centers in India

What To Do If WhatsApp Is Using Too Much Space On Your Phone

How To- Aug 21, 2019, 4:32 pm IST

What To Do If WhatsApp Is Using Too Much Space On Your Phone

WhatsApp is among the most widely used messaging platforms across the world. But there's one problem, its messages often consume much of our phones' memory.

YouTube Took Down Robot Battle Videos, Citing Animal Cruelty

ICT News- Aug 22, 2019, 4:48 pm IST

YouTube Took Down Robot Battle Videos, Citing Animal Cruelty

YouTube, the popular video platform, removed several robots vs. robots videos from “BattleBots”, citing animal abuse as the reason.