OnePlus Android mobes' clipboard app caught phoning home to China

Sorry! that was a test feature for Chinese users, company claims

By Shaun Nichols in San Francisco

Posted in Personal Tech, 12th January 2018 00:15 GMT

UPDATE OnePlus has admitted that the clipboard app in a beta build of its Android OS was beaming back mystery data to a cloud service in China.

Someone running the latest test version of OnePlus's Oreo-based operating system revealed in its support forums that unusual activity from the builtin clipboard manager had been detected by a firewall tool.

Upon closer inspection, the punter found that the app had been transmitting information to a block of IP addresses registered to Alibaba, the Chinese e-commerce and cloud hosting giant.

While extra logging and telemetry are to be expected from beta software – so that developers get an idea of any problems with their code prior to an official release – the fact that data was being siphoned off without warning from a clipboard manager raised eyebrows, leading some to fear their copy-paste actions were being snooped on and question the privacy protections on their OnePlus handsets.

OnePlus has yet to respond to our request for comment, although a rep told Android Police that this was a feature destined for handsets in China, and will be removed from, presumably, mobes outside the Middle Kingdom.

"Our OnePlus beta program is designed to test new features with a selection of our community. This particular feature was intended for HydrogenOS, our operating system for the China market," a OnePlus spokesperson was quoted as saying. "We will be updating our global OxygenOS beta to remove this feature."

Shock horror

This should not come as much of a shock to those who follow the China-based OnePlus. In October last year, researchers discovered that OnePlus handsets were collecting unusually detailed reports on user activities, although the manufacturer said at the time it was only hoarding the data for its internal analytics. One month later, it was discovered that some phones had apparently been shipped with a developer kit left active, resulting in the phones sporting a hidden backdoor.

And lest we forget, today's desktop and mobile operating systems are pretty gung-ho in phoning home information about their users, with Microsoft catching flak for Windows 10 telemetry in particular. ®

UPDATE, JAN 15th: OnePlus has been in touch with the following statement:

"We apologize to our beta test users, for the confusion over an experimental HydrogenOS feature appearing in the global OxygenOS beta, which is being updated to remove it. The experimental HydrogenOS feature is designed specifically for the Chinese market, where a unique competitive situation between two major web service providers has led to some ecommerce weblinks being blocked. A workaround developed by one of the parties involved sending a token so that link sharing would function fully. We were testing a similar feature in the HydrogenOS beta."

Sign up to our NewsletterGet IT in your inbox daily

28 Comments

More from The Register

Apple: Sure, we banned VPN iOS apps in China, but, um, er, art!

iGiant didn't want to aid censorship, but $10bn in revenue is $10bn in revenue

China cools on Apple's high-priced iBling

What now?

Samsung gains ground on smartphones

Emerging markets are where it's at

Baidu puts open source deep learning into smartphones

Computer vision, deep learning, and the camera in your phone

Dawn of The Planet of the Phablets in 2019 will see off smartphones

Anything smaller than 5.5 inches just won't satisfy, especially in China

Apple removes VPN apps in China as Russia's Putin puts in the boot with VPN banlaw

Banned and yanked from Apple's App Store

20 Apple China staff collared for allegedly flogging customers' info

$7.4m fraud ring traced back to iGiant's database

Apple building data centre in China to comply with tough cybersecurity laws

Citizen data can only be stored within the country

Apple goes global in Qualcomm license war: Patent spat hits China

One-billion Yuan lawsuit in Middle Kingdom alleges further royalty wrongdoings

China gets mad at Donald Trump, threatens to ruin Apple

Tim Cook still trying to figure out how he got caught up in this