Personal Tech

OnePlus Android mobes' clipboard app caught phoning home to China

Sorry! that was a test feature for Chinese users, company claims

By Shaun Nichols in San Francisco

28 SHARE

Update OnePlus has admitted that the clipboard app in a beta build of its Android OS was beaming back mystery data to a cloud service in China.

Someone running the latest test version of OnePlus's Oreo-based operating system revealed in its support forums that unusual activity from the builtin clipboard manager had been detected by a firewall tool.

Upon closer inspection, the punter found that the app had been transmitting information to a block of IP addresses registered to Alibaba, the Chinese e-commerce and cloud hosting giant.

While extra logging and telemetry are to be expected from beta software – so that developers get an idea of any problems with their code prior to an official release – the fact that data was being siphoned off without warning from a clipboard manager raised eyebrows, leading some to fear their copy-paste actions were being snooped on and question the privacy protections on their OnePlus handsets.

OnePlus has yet to respond to our request for comment, although a rep told Android Police that this was a feature destined for handsets in China, and will be removed from, presumably, mobes outside the Middle Kingdom.

"Our OnePlus beta program is designed to test new features with a selection of our community. This particular feature was intended for HydrogenOS, our operating system for the China market," a OnePlus spokesperson was quoted as saying. "We will be updating our global OxygenOS beta to remove this feature."

Shock horror

This should not come as much of a shock to those who follow the China-based OnePlus. In October last year, researchers discovered that OnePlus handsets were collecting unusually detailed reports on user activities, although the manufacturer said at the time it was only hoarding the data for its internal analytics. One month later, it was discovered that some phones had apparently been shipped with a developer kit left active, resulting in the phones sporting a hidden backdoor.

And lest we forget, today's desktop and mobile operating systems are pretty gung-ho in phoning home information about their users, with Microsoft catching flak for Windows 10 telemetry in particular. ®

Updated to add on January 15

OnePlus has been in touch with the following statement:

We apologize to our beta test users, for the confusion over an experimental HydrogenOS feature appearing in the global OxygenOS beta, which is being updated to remove it. The experimental HydrogenOS feature is designed specifically for the Chinese market, where a unique competitive situation between two major web service providers has led to some ecommerce weblinks being blocked. A workaround developed by one of the parties involved sending a token so that link sharing would function fully. We were testing a similar feature in the HydrogenOS beta.

Sign up to our NewsletterGet IT in your inbox daily

28 Comments

More from The Register

China's going to make a mobile OS and everyone will love it, predict ball-gazing analysts

Autonomous cars and smart clothes look like a dud, though

US China-watcher warns against Middle Kingdom tech dominance

5G, IoT, and tech supply chains should go under spotlight

Huawei exec out of jail, just as US accuses China of Marriott hack

Tensions continue to build between two countries

China wins one, loses one in US trade spats

US loosens ZTE stranglehold, but China Mobile blocked from operating as virtual carrier

LG: Fsck everything, we're doing 16 lenses in smartphones (probably)

How do we make mobes take better snaps? Throw a buttload of sensors at 'em, judging from this patent

Don't fear 1337 exploits. Sloppy mobile, phishing defenses a much bigger corp IT security threat

AppSec EU DARPA-funded white hat emits timeless advice

China examines antitrust probe thrust into Samsung, SK Hynix and Micron: Claims to see 'massive evidence'

We'll thrust it even deeper into chipmakers, vow investigators

SoftBank sells off more than half of Arm China for a bargain $775.2m

Chinese investors welcome chip designs with open Arms

EU politely asks if China could stop snaffling IP as precondition for doing business

Hands off our 'leccy cars

HPE chief exec Neri: US-China trade spat? Meh, that ain't no thang for us

HPE Discover 'Minimal' effect on biz, boss bravely predicts