76
We’re opening a new Bug Bounty Program and partnering with Security Platform HackerOne

  1. Ziv C.
    Security Team Staff Member Dec 19, 2019

    Ziv C. , Dec 19, 2019 :
    OnePlus SRC (002).png

    Hi everyone,

    As previously mentioned, we’re boosting our cybersecurity with the unveiling of two new security initiatives – OnePlus Security Response Center and a partnership with HackerOne to proactively defend and protect all our users from cyber threats.

    Firstly, the new OnePlus Security Response Center will offer a bug bounty to security experts who discover and report on potential threats to OnePlus’ systems. Secondly, a new partnership with HackerOne, a renowned hacker-powered security platform, will tap into their extensive network of security experts to surface the most relevant security vulnerabilities before they can be exploited by external actors.

    OnePlus Security Response Center
    The global OnePlus Security Response Center will engage academics and security professionals to responsibly discover, disclose and remediate issues that could affect the security of OnePlus’ systems, and will help us proactively counter potential external threats to user security. Security researchers around the world can proactively search for and report OnePlus-related security issues through the new bug bounty program. Rewards for qualifying bugs reports will range from $50 to $7,000, depending on the potential impact of the threat.

    Security researchers are encouraged to report any potential threats to the our official website, Community forums, and Applications. Reports will be reviewed by our technical experts.

    Security professionals are invited to visit security.oneplus.com for the terms of the full program and a standardized form for reporting security issues.

    Joining Hands with HackerOne
    The collaboration with HackerOne will enable us to gain insight from top security researchers, academic scholars and independent experts to better uncover potential threats to our systems.

    The HackerOne collaboration will start as a pilot program, inviting select researchers to test out OnePlus’ systems against potential threats. A public version of the program is slated to go live later in 2020.

    Never Settle.
    OnePlus Security
     

    #1

  2. #2
  3. YRJ
    The Lab - OnePlus 7T Reviewer Dec 19, 2019

    YRJ , Dec 19, 2019 :
    That's a great Initiative, Ziv!
    All the best, Hunters.
     

    #3
    mateo1597 and G_plusone like this.
  4. Karun Deep
    Ice Cream Sandwich Dec 19, 2019


    #4
    G_plusone likes this.
  5. G_plusone
    Marshmallow Dec 19, 2019

    G_plusone , Dec 19, 2019 :
    Good to see you guys taking steps towards better security measures and practices.
    Hope this prevents Future mishaps :)
     

    #5
    keithgpowell and M1574146712671 like this.
  6. AnonymousWP
    The Lab - OnePlus 7 Pro Reviewer Dec 19, 2019


    #6
    dsmonteiro likes this.
  7. shannonxtreme
    Eclair Dec 19, 2019


    #7
    keithgpowell likes this.
  8. Starcommander
    OnePlus Accessory Tester Dec 19, 2019


    #8
    luxuskamel likes this.
  9. drmvsrinivas
    Gingerbread Dec 19, 2019


    #9
  10. Santi_SAZ
    Gingerbread Dec 19, 2019


    #10
    Z1524206743371 likes this.
  11. Eduardcc
    Gingerbread Dec 19, 2019


    #11
  12. Kleb32
    Gingerbread Dec 19, 2019


    #12
    mishra54 likes this.
  13. Alioo7
    Gingerbread Dec 19, 2019


    #13
  14. Mingo_MGx
    Donut Dec 19, 2019


    #14

  15. #15
  16. AnonymousWP
    The Lab - OnePlus 7 Pro Reviewer Dec 20, 2019

    AnonymousWP , Dec 20, 2019 :
    Open-sourcing OxygenOS only covers vulnerabilities for OxygenOS itself, apart from all the other things of OnePlus, such as upload_2019-12-20_1-48-39.png . Thereby, if it was open-source (which is good yeah for the sake of contributing), people would rather misuse it instead of reporting it by trying to find holes in the system.
     

    #16
    G_plusone likes this.
  17. B1574253625796
    Cupcake Dec 21, 2019

    B1574253625796 , Dec 21, 2019 :
    There is one problem associated with protecting the entrance to the phone. when the display lights up, where there is a place where you need to scan a fingerprint and various other functions, you can simply swipe up and you can easily get into someone else's phone. it happened to mine, although the defense stood.
     

    #17
  18. mateo1597 , via OnePlus 7T Pro Haze Blue , Dec 21, 2019 :
    When setting up the fingerprint scanner you can add a pattern or pin.
    Then when the display is on, and you swipe up it still asks for the additional security.
    At least thats how it works in my case...
     

    #18
    femiuex likes this.
  19. Swejuggalo , via OnePlus 7 Pro Mirror Gray , Dec 21, 2019 :
    Similar behavior is normally created by Smart Lock.
    Remenber to note how this lock looks. Is it locked or unlocked? Verify that. If it locked and you still manage to unlock without fingerprint or password/pattern we have a problem. If it is unlocked something tells it that it should be unlocked. If it is done so by a mistake review your settings.

    1576921886757.jpg
     

    Attached Files:


    #19
  20. B1574253625796
    Cupcake Dec 21, 2019

    B1574253625796 , Dec 21, 2019 :
    No, he doesn’t ask for anything. I have a pin code and a fingerprint. Swipe up and I'm on the desktop.
     

    #20