151

What is EngineerMode?

  1. Dunnow The Lab - OnePlus 6 Reviewer Nov 25, 2017

    Dunnow, Nov 25, 2017 :
    Yet oneplus still does otas through http so you can fool the sw into downgradint to a vulnerable build.
     

  2. Christian Ferm Cupcake Nov 26, 2017

    Christian Ferm, Nov 26, 2017 :
    I do apologize for my spelling my fingers are to big to type on screen....
     

  3. rarog Lollipop Senior Moderator Nov 27, 2017

    rarog, Nov 27, 2017 :
    Don't worry, he quoted OmegaHsu and not you. :sweatsmile:
     

  4. pathologo Froyo Nov 28, 2017

    pathologo, Nov 28, 2017 :
    UID 1000 indeed is responsible for OTA.
    Block it and you are out of OTA, as simple as that.
     
    Last edited by a moderator: Nov 28, 2017

  5. I1511713988601 Cupcake Dec 2, 2017

    I1511713988601, Dec 2, 2017 :
    After reading many posts, forums, and articles about the privacy leeck of OnePlus 5T phones (gps information, wifi, ... and media file and backdoors) i just wanted to ask you for few détails for a non-android-expert.

    If i understand well, all those issues are linked to two applications. Is that right? Can it be removed after rooting the phone?
     

  6. rarog Lollipop Senior Moderator Dec 6, 2017

    rarog, Dec 6, 2017 :
    Yes, it can be removed with root. But you have to remove it after each and every OTA again.
     

  7. steenrabol Gingerbread Dec 11, 2017

    steenrabol, Dec 11, 2017 :
    When did you last see a staff member answer in a thread that discusses a problem?

    Look at the Poatrait mode thread, started by a staff member, then users expresses concerns and problems but no staff member addresses that - how is that interaction?
     

    G_plusone likes this.
  8. PTuT Jelly Bean Dec 11, 2017

    PTuT, Dec 11, 2017 :
    What are you talking about? Portrait mode was answered in its own thread called "Let’s talk about Portrait Mode." by @LouisS who is a staff member. Definitely, you cannot expect them to answer everyone's question or problem. That's not their primary job. Remember, this is Community forum which is mostly run by users helping other users. There are staff members that will from time to time respond and if there is enough people having some issue, they will then create new thread. I was long time criticizing current alert switch and after some time (it was questioned by many) they created own thread asking people how they would like it to be (how much of customization). Amount of their involvement may be something to talk about but I am fine with it.
     

  9. Miguel_Coix Cupcake Dec 12, 2017

    Miguel_Coix, Dec 12, 2017 :
    https://thehackernews.com/2017/11/oneplus-root-exploit.html?m=1

    this website explains things very well!!
    https://thehackernews.com/2017/11/oneplus-root-exploit.html?m=1

    guys check this out as well https://www.chrisdcmoore.co.uk/post/oneplus-analytics/

    https://www.xda-developers.com/be-w...leaking-your-imei-when-you-check-for-updates/

    https://thehackernews.com/2017/10/oneplus-oxygenos-analytics-data.html?m=1
     
    Last edited by a moderator: Dec 12, 2017

  10. Jillemash Cupcake Dec 15, 2017

    Jillemash, Dec 15, 2017 :
    Hi,

    I just installed 5.5.15 OTA for OP5, EngineerMode is still there.
    No mention of any fix in the release notes.

    I'm in the same case as another person in another forum, my corporate account has been removed because of this issue.

    Hacking to remove it won't do much to convince them to whitelist my device back, a proper public statement from one plus that the issue is fixed would be preferable.

    I think there's someone complaining that it's still here on Oreo as well.

    I know it's probably useless to post this on the 24th page of this thread, but pretty please, OnePlus just fix this simple issue, so that I can use my phone at work or I'll be forced to throw it away and pick something else, which would be a shame, because I like my device.

    Thanks in advance in case anyone at one plus read this...
     

    sk.one and G_plusone like this.
  11. Kishan_k Gingerbread Dec 16, 2017


  12. carlfernandes Cupcake Dec 16, 2017

    carlfernandes, Dec 16, 2017 :
    Hi guys

    Engineer mode still present after latest patch? What a disaster - i've been walking around with my old Nexus 6P as well as the oneplus5 as my company has blocked the OnePlus5 from accessing corp services. I had expected the next patch to solve for this so I could once again retire my old phone.

    Can you plug this hole ASAP?
     

  13. Loveit Jelly Bean Dec 17, 2017

    Loveit, Dec 17, 2017 :
    Jeez, so now OnePlus has managed to get themselves blacklisted on corporate accounts.

    Way to go! This is what happens when you mine users data in shady ways that will never be explained properly.

    Bravo.
     

  14. Cheetosdust Starting Point Expert Dec 17, 2017

    Cheetosdust, Dec 17, 2017 :
    Can we please have a clear and direct announcement by OnePlus saying it was removed?

    Consider it a Christmas present to your fans.
     

  15. Chandan M M Cupcake Dec 17, 2017


  16. rarog Lollipop Senior Moderator Dec 18, 2017

    rarog, Dec 18, 2017 :
    EngineerMode is still there and will stay there. But the adb intrusion vector was closed, you can't get root via adb.

    See also here the message by the original reporter of the problem from December 4th of 2017: https://twitter.com/fs0c131y/status/937761401824841728
    So @Jillemash and @carlfernandes - you can tell your corporation to reenable your corporate accounts.

    What about reading this official statement? And what about not using multiple question marks? Punctuations aren't group-living animals:
     

  17. Jillemash Cupcake Dec 18, 2017

    Jillemash, Dec 18, 2017 :
    I suspected something like that (app still present but vulnerability closed) but it's not good enough unless an official statement is issued.
    But thanks for the link.
     

  18. Jillemash Cupcake Dec 18, 2017

    Jillemash, Dec 18, 2017 :
    Oops I messed up my answer. Here's my message:

    I suspected something like that (app still present but vulnerability closed) but it's not good enough unless an official statement is issued.
    But thanks for the link.
     

  19. Jillemash Cupcake Dec 18, 2017

    Jillemash, Dec 18, 2017 :
    aargh sorry for the multiple post, I don't get how this app works, I just hit reply and it sticks my message to the previous. For the last time:

    I suspected something like that (app still present but vulnerability closed) but it's not good enough unless an official statement is issued.
    But thanks for the link.
     

  20. rarog Lollipop Senior Moderator Dec 18, 2017

    rarog, Dec 18, 2017 :
    Not sure what the programmers did there either. I see your post 3 times.

    I doubt anything more official than announcement of removing it and the statement of the guy checking will follow.
    Right now I personally tested it on my OP5 as I'm also on 4.5.15 and I can confirm that the vulnerability doesn't work:
    adb-angela-test.png