OnePlus Logs A Lot of Personal User Data →

· · 0 comments

Chris Moore:

OK, so it looks like they’re collecting timestamped (the ts field is the event time in milliseconds since unix epoch, which we’ll be seeing more of) metrics on certain events, some of which I understand – from a development point of view, wanting to know about abnormal reboots seems legitimate – but the screen on/off and unlock activities feel excessive. At least these are anonymised, right? Well, not really – taking a closer look at the ID field, it seems familiar; this is my phone’s serial number. This I’m less enthusiastic about, as this can be used by OnePlus to tie these events back to me personally (but only because I bought the handset directly from them, I suppose) […]

Amongst other things, this time we have the phone’s IMEI(s), phone numbers, MAC addresses, mobile network(s) names and IMSI prefixes, as well as my wireless network ESSID and BSSID and, of course, the phone’s serial number. Wow, that’s quite a bit of information about my device, even more of which can be tied directly back to me by OnePlus and other entities.

It gets worse.

This is one of the reasons I go iPhone. Apple isn’t perfect, but there’s less shit to worry about.

Chcesz zwrócić mi na coś uwagę lub skomentować? Zapraszam na @morid1n.

Leave a Reply