• Apps

    by Published on 03-19-2018 07:45 AM
    1. Categories:
    2. Apps

    webOS, Palm, Inc.'s prescient gesture-based smartphone operating system that made its way to an HP tablet and on to an untold number of LG smart TVs, has been open-sourced. For the second time. The first open source edition came from HP itself back in 2011, and according to Wikipedia went nowhere fast. Cut to 2018 and LG, the current custodian of webOS, has just announced an open source edition of their own. Hopefully this community build has received an update or two since the last one.

    My own personal skepticism aside, the world can always use more open source software, so I honestly don't see this as bad news. But why webOS specifically, and why now? Here's the killer quote from LG's CTO:

    “webOS has come a long way [...] and is now a mature and stable platform ready to move beyond TVs.”
    Somebody needs to give LG a lesson in recent history, I think.

    Source: The Verge (1) (2)

    by Published on 03-16-2018 08:15 AM
    1. Categories:
    2. Apps

    ... And potentially led her into another one. But we'll get to that later.

    "Beautiful prison" is how The Verge's Nilay Patel describes Apple's iMessage. It's fairly accurate; for iPhone users Apple's default messaging app is as robust and feature-rich as any other platform—so much so that there's little reason to look beyond it. Even worse, those poor unenlightened souls who choose Android are treated as second-class citizens on iOS.

    Don't believe me? Consider my 18 year-old niece, as loyal to Apple as any other first world millennial, who has on at least one occasion condescendingly referred to her uncle as a "green text".

    She's currently taking her gap year in southeast Asia, and recently finished her first leg in Japan. While in Tokyo and Kyoto we stayed in touch via SMS—her uncle has been to that part of the world more than once, after all—but lost contact when she got a local SIM card; her iMessage seamlessly switched to a data connection but me, the green text, got locked out.

    And then something unexpected happened: she texted me from Taipei and asked if we could keep in touch using some other messaging platform. Now I hardly think of myself as the most interesting man in the world, but you cannot deny that it's a pretty big deal for a teenage Apple fangirl to step outside the protective cocoon of iMessage just to keep in touch with little ol' me.

    Unfortunately I seem to have led her straight into another proprietary messaging silo, otherwise known as WhatsApp. Despite being another walled garden I think it's the solution that makes the most sense for her current situation; in fact, all the 21st century digital nomads that I know depend on it for communications across borders and carriers. So I'm taking this one as a victory, if only for getting an iPhone user to see value in something outside the confines of Apple's beautiful prison.

    by Published on 03-15-2018 09:45 AM
    1. Categories:
    2. Reviews and Hands-on,
    3. Apps

    Spoiler alert: Spotify is the clear winner, at least for me.

    I suspect that hardcore music enthusiasts who use Android will have already chosen their music streaming service; for anyone else thinking about which one is worth paying for, here's a summary of my own experiences with three popular apps.

    Amazon Music
    If you have Amazon Prime then you've also got Amazon Prime Music, the ad-free version of their streaming service. Their music catalogue seems fine, and the Android app can also cast to Android TV. Unfortunately their web player requires Flash, which tends to slow down my already taxed Chrome browser.

    Google Play Music
    If you want PC playback of your streaming music then Google is your obvious choice, with a web player that's optimized for Chrome and an Android app that effortlessly casts to Android TV. And if you wanted an ad-free YouTube experience then the paid version of Google Play Music would also be the obvious choice, as a subscription also includes YouTube Red. Unfortunately that perk is not yet available to those of us living in Canada.

    Nonetheless, I took a 30-day free trial of Google Play Music, in the hopes that YouTube Red would one day make its way here. That would have been the end of the story, but my girlfriend suggested that I try out some other services before committing to GPM. That turned out to be some excellent advice.

    With some 70 million registered users Spotify is far and away the world's most popular music streaming service. They also offer a 30-day free trial, so I signed up with the intention of doing some A/B testing between Spotify and Google Play Music, and see if I could stump either one with a random music request.

    The track that tipped the scales in favour of Spotify was this very random Japanese single that showed up in the girlfriend's YouTube feed. I'm guessing that it translates to The Futon Song...?

    Bizarre, right? Anyway, Spotify has this track; Google Play Music does not. Advantage: Spotify. And then I discovered that Spotify also has native clients for Debian, Linux Mint and Ubuntu. Game over; Spotify wins.

    Hopefully this little write-up will be of use to someone who's not yet decided on an Android music streaming service. Feel free to add your own insights and/or opinions directly below.

    Play Store links: Amazon Music, Google Play Music, Spotify

    by Published on 03-13-2018 06:30 AM
    1. Categories:
    2. News,
    3. Apps

    It's what I did, anyway.

    I found out via email yesterday that I was one of the 815,000 Canadian Uber users (along with some 57 million Americans) whose personal data was compromised. Here's an excerpt from the email I received:

    In November 2016, Uber became aware that two individuals outside the company had accessed certain user data stored with a third-party service [...] The files that were accessed contained user information that we used to operate our services, and for nearly all users this included name, email address, and mobile phone number used on your account before 2016. Our outside forensics experts have seen no indication that trip location history, dates of birth, or payment information were accessed or downloaded.
    Personally I'd have preferred to have my credit card number leaked rather than my email address and phone number, for the simple reason that my bank has much stronger protections in place against fraud than either my email provider or wireless carrier. Maybe that's just me.

    What really stinks about this whole mess is that Uber didn't even want to notify affected Canadians at all. Mobile Syrup reports that the ride-sharing company was ultimately compelled to do so because of a February 28th ruling by the Alberta Privacy Commissioner. Uber plans to appeal that ruling, but there is a separate investigation being conducted by the Office of the Privacy Commissioner of Canada.

    I don't expect every Uber user reading this to have the luxury of being able to delete their account; as a driver or passenger you might depend on the service. Fortunately I don't, but more importantly I no longer trust this company with my personal data.

    Links: Mobile Syrup

    by Published on 03-12-2018 10:00 AM
    1. Categories:
    2. Apps

    With their users' credit cards already on file via the Google Play Store and Google Pay app, it only makes sense for the engineers in Mountain View to add peer-to-peer payment functionality to Android as well. But instead of doing this through a dedicated portal, they've chosen to implement this feature directly into the OS, through their own first-party software.

    Last November Android Police reported on a new version of Android Messages, Google's SMS app. Among other things, the update included the ability to send and receive money through Google Wallet (since rebranded to Google Pay). Now, again according to AP, Google has built a redundancy of this feature directly into their contacts app. So far the feature is live for exactly one reported user in Canada, and unfortunately it's not me.

    Using Google Pay, like PayPal , PayTM, or any other smartphone-based payments app of course requires that both the sender and recipient are registered users of the specific app in question. And while I can appreciate the convenience of these apps for sending money to family and friends overseas, for P2P payments within my own country I'm almost certainly going to go with an email transfer directly from my bank.

    How about you?

    Sources Android Police (1) (2)

    by Published on 02-21-2018 07:45 AM
    1. Categories:
    2. Devices,
    3. Apps

    In an unexpected blog post late last week the Rebble team kind of blew my mind.

    Based on my previous research I had thought that the project was to be a replacement for Pebble OS, the operating system on Pebble hardware. This never really made sense to me; full ROMs for each Pebble model are freely available for download, and it seems to me that what Pebblers are going to be missing most when Fitbit shuts down the Pebble servers this summer are the services that they currently provide to users—voice dictation and weather complications are the two that immediately spring to mind.

    What Rebble is actually planning is a complete end-to-end solution, including an app and watch face store, a phone app for Android and iOS and (eventually) a new operating system for the watch. Here's the TL;DR from their blog post:

    We will be providing replacements for almost all Pebble services;
    Most things will work just fine when you switch to the Rebble servers;
    We will have a Patreon page for you to donate to keep the services running;
    We will require that you pledge around a couple of dollars a month for weather and dictation. All other services will remain free;
    Fitbit are our friends.
    You can read the finer details of Rebble's grand plan at the first link below, and the ensuing discussion from the Pebble reddit community at the second. Comments posted there so far suggest that Pebblers are happy to pay for continuing access to voice dictation and weather; if Rebble can get everything up and running in time then that June 30th deadline might not turn out to be such a big deal after all.

    Source: Rebble via r/pebble

    by Published on 02-15-2018 07:30 AM
    1. Categories:
    2. Apps

    There is a new entry in the navigation menu of the Facebook app for smartphones and tablets; clicking through on "Protect" will redirect to a listing for an app called Onavo Protect—which, at first glance, appears to be a VPN client. Except that it's not. Rather than protecting your data from third parties the app will phone home to Facebook and report on what you're doing on your device... whether you're currently using the Facebook app or not.

    The proof that this title is basically corporate spyware is hiding in plain sight on its App Store listing:

    To provide this layer of protection, Onavo uses a VPN to establish a secure connection to direct all of your network communications through Onavo’s servers. As part of this process, Onavo collects your mobile data traffic. This helps us improve and operate the Onavo service by analyzing your use of websites, apps and data. Because we’re part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences.
    As TechCrunch reports, the Onavo app has already been used to spy on SnapChat users, and to copy that platform's popular features for Instagram, its Facebook-owned competitor.

    Clawing back at least some of your privacy is as easy as uninstalling Onavo Protect—or better yet, never installing it in the first place.

    Sources: 9to5Mac via TechCrunch

    by Published on 02-13-2018 07:00 AM
    1. Categories:
    2. Apps

    There's no custom Android ROM out there that's more dependable than LineageOS. It's actually the only custom ROM that I know of with a working built-in updater—flash it once (with the optional root binary) and you can take OTA updates as they come without ever having to flash a full ROM again.

    Over the weekend the first page in a Public Charter was published on the LineageOS github, detailing the requirements for device support. The list is long, exhaustive and impressive. Here are a few highlights:

    Camera - all devices with Camera supported in their stock OS MUST support Camera, in both front facing and rear camera configurations.

    CVE - devices MUST support CVE patches for “high profile” exploits and vulnerabilities (if the media is reporting on it, then we must have it patched).

    Encryption - all devices MUST support software encryption.

    Root (su) - all devices MUST NOT ship with su included. All devices MUST support su installation via LineageOS provided ‘Extras’ download.

    Wiki - all devices with a shipping build of LineageOS MUST have a wiki page with valid installation instructions.
    I think it's pretty great to see a custom ROM so dedicated to user experience and transparency. You can read more about the charter—and see the actual document for yourself—at the links immediately below.

    Source: LineageOS Charter via XDA

    by Published on 02-12-2018 07:00 AM
    1. Categories:
    2. Apps

    While out for dinner with my brother and his family over the weekend I got to play HQ Trivia for the first time. To call HQ a phenomenon is no lie—at 8:55pm our party of seven looked like any other large group in a busy uptown restaurant; five minutes later every iPhone at the table was connected to a headset and playing the game.

    Plus one Android phone.

    If you've been to a trivia night at your local pub then you've already got the gist of HQ—just imagine that experience scaled up to reach a global (English-speaking) audience through their smartphones. What pulls it all together is an entertaining video-streamed host, powered by the same technology behind Vine, Twitter's failed attempt at a new six-second video format.

    HQ's official Android app had, until very recently, been listed in the Play Store as an unreleased beta. I'd love to tell you that you'll get the exact same experience on Android as on iOS, but on my OnePlus 5T the 1.0 release still looks very much like a beta product. The gameplay is the same but the video streaming quality is just bad.

    I guess it's much harder for software developers to fully support the multitude of screen sizes and resolutions available on the Android platform. In the case of HQ trivia it certainly doesn't seem like a lot of effort was put in. If you've yet to experience the game my advice would be to check it out on somebody's iPhone. HQ doesn't care about us.

    If you still want to be disappointed, here's the link: HQ Trivia on Google Play

    by Published on 01-30-2018 07:30 AM
    1. Categories:
    2. Apps

    Something rather interesting is happening in Canada's westernmost province. While Uber and Lyft await the green light to begin operations there, a slew of homegrown alternatives has popped up from seemingly out of nowhere to fill in the gap. I've read mention of no less than eight available services—four of which I was able to find sites and app store listings for:

    GoKabu - (uses WeChat) / website
    Longmao Club - Android / iOS / website
    Poparide - Android / iOS / website
    Udi Kuaiche - Android / iOS / website

    And another four for which I could not:

    AO Rideshare
    Dingdang Carpool
    U Drop

    As you can probably surmise, at least half of these apps cater to the local Chinese-Canadian community. GoKabu was the one that, in a Global News report, was accused of refusing to accept non-Chinese fares; the $1,150 CAD fines for drivers accepting rides using these currently illegal apps might have something to do with that.

    Has anyone here used one of these BC ridesharing apps?

    Links: Global News, Mobile Syrup

    by Published on 01-24-2018 08:15 AM
    1. Categories:
    2. Devices,
    3. Apps

    It's been over a year since Pebble went bust. Fitbit, who bought the company's technical assets and absorbed some of the team, pledged to keep Pebble's servers running until the end of 2017. We're now well past that expiry date, and the day may soon come when Fitbit decides to turn out the lights, leaving users with no access to weather data, voice replies or an app store.

    At that point Pebblers will have three options: make do with what they've got, regain the ability to sideload apps and watchfaces with GadgetBridge or install Rebble, an entirely new OS, on their watch.

    Progress on Rebble has been slow—as you can probably imagine, building a custom smartwatch operating system from scratch is no small feat. But this week the team posted a rare update, one that immediately shot to the top of r/Pebble. Here's a summary of their progress thus far:

    • New splash screen (see above);
    • Rebble can now be run in an emulator;
    • Bluetooth is now working;
    • Preliminary support for Pebble apps and watchfaces.

    With such slow progress you might be asking, why even bother? The Rebble team has an answer for that:

    It’s a fact that no new Pebble hardware is being produced, ever. It’s been over a year since Pebble closed its doors and as such there are a finite number of devices out there, and their ZEBRA connectors are going wonky, their cases are suddenly ingressing water, and their batteries are getting one charge closer to failure every 4-10 days. But while Pebble hardware may remain frozen in time, technology marches on. New versions of Android and iOS continue to be released, along with new hardware, and with every major release we all cringe and utter “will our Pebbles still work”? Well that’s part of why we’re building new apps, appstores and firmware - but another exciting reason for creating our own open-source, FreeRTOS-based OS is that it opens the door to other Pebble fans or even large smartwatch manufacturers in Shenzhen to build their own new hardware in the spirit of Pebble/Rebble!
    While GadgetBridge will probably remain my go-to solution, what this community of developers is trying to accomplish is certainly admirable. If you want to get involved see the first link directly below.

    Source: Rebble via r/Pebble

    by Published on 01-19-2018 07:30 AM
    1. Categories:
    2. Apps

    This past Christmas I spent pretty much the entire morning trying to fix the girlfriend's OnePlus 5. Its native version of Android, OxygenOS, had just gotten a big upgrade to Oreo, and as we were shortly going on holiday I thought it prudent to get her phone up to date before we left.

    Bad idea.

    The upgrade itself wasn't the problem; what stymied me for several hours was applying root and getting a custom recovery to stick. I still couldn't tell you what the technical issue was, but I've a sneaking suspicion that it's the result of Google's increasing hostility towards Android modders.

    I knew that the only real solution would be a regression to Android Nougat, but then my better half would have to deal with the constant nagging notification for an update that would once again break superuser access to her phone.

    And here's where FreedomOS comes in. It's a custom ROM built on the Nougat version of Oxygen, but with a modified kernel and additional options. Chief among them is the Aroma installer; it gives you the choice of flashing Magisk or SuperSU for root, and also allows you to debloat your device by skipping over any Google or OnePlus apps you don't want. It's definitely not for noobs, though, as its possible flash a broken system image onto your phone if you don't pay attention to what you're doing.

    The lead developer recently returned from a holiday break, so an Oreo version of FOS—for the OnePlus 5, at least—could be on the way. In the meantime, I've been impressed enough with the Nougat version that I flashed the 5T version onto my own phone. You can check out the ROM for yourself at the XDA links immediately below.

    Links: FreedomOS for OnePlus 5 / OnePlus 5T on XDA

    by Published on 01-18-2018 07:00 AM
    1. Categories:
    2. Carriers,
    3. Apps

    Researchers at Northeastern University have developed an app that can tell you which services are being throttled by your wireless carrier, and by how much. It's called Wehe, and it's only available for Android. Find out why below.

    How it works is fairly ingenious. Using YouTube as an example, Wehe spoofs that app for a random download, then repeats the download but with different metadata, fooling your carrier into thinking it's from another source. By comparing speeds you can determine if and by how much your YouTube videos are being throttled. In the case of BingeOn it's been shown that T-Mobile indiscriminately throttles all video to 1.5 Mbps, and with YouTube specifically limits video resolution to 360p.

    Wehe is currently able to test the following services via their apps:

    NBC Sports

    And what about iOS? Well, according to Motherboard Apple won't approve it. An App Store reviewer told the developers that Wehe "has no direct benefits to the user". Because carriers, I guess...

    Hopefully Wehe will find its way to APKMirror and/or F-Droid should Google ever come to a similar determination; in the meantime you can grab it on Google Play at the first link directly below.

    Links: Google Play, Motherboard, Wehe

    by Published on 12-11-2017 07:00 AM
    1. Categories:
    2. Apps

    Last spring I wrote about how the Netflix app wouldn't run on rooted Android hardware. That unfortunate fact led me to investigate Magisk; its "root hide" and SafetyNet bypass features enables Android modders to enjoy not only Netflix but Pokémon GO and Android Pay as well.

    Over the weekend, however, another issue with Netflix for Android has surfaced: according to XDA some high-powered devices, like the OnePlus 5T and ZTE Axon M, are unable to stream Netflix video in HD.

    The reason for this has to do with the logo at the top of this post. Widevine is one of the oldest and most-used DRM solutions for digital content. It's widely used for video games, Blu-Ray systems, Amazon Prime Video and—you guessed it—Netflix. There are actually different certification levels for Widevine-protected content; only Level 1 certification will permit playback of content in HD and above. Google's Pixels and Samsung Galaxy class flagships have L1 certification; OnePlus is currently only certified at Level 3.

    Oh, and did I mention that Google acquired Widevine in 2010?

    Blame for this mess can be thrown in all directions, Google, Netflix, OnePlus... But it might be easier to just agree that DRM in general is terrible for users. Net neutrality is not the only threat to an open Internet; DRM-encumbered services are another means by which the Internet of tomorrow might end up looking much more like the cable television of today.

    Source: XDA

    by Published on 12-06-2017 07:00 AM
    1. Categories:
    2. Apps

    TechCrunch reports that a software update has brought over 60 new apps and watchfaces to Fitbit's first proper smartwatch, the Ionic. I can't for the life of me find a definitive listing anywhere—whereas, for example, the Pebble App and Watchface store can still be perused online from any desktop computer, Fitbit offers no such convenience.

    Anyway, here are 14 highlights from a blog post on Fitbit.com:

    British Airways
    New York Times
    Philips Hue Lights
    United Airlines

    In addition there are a bunch of new watchfaces (many recycled from Pebble) and also a native app for the streaming music service Deezer, coming in 2018.

    Something that also might be of interest to Fitbit users is news of more banks supporting Fitbit Pay. Here's a list of North American partners so far:

    American Express
    Bank of America
    Boeing Employees Credit Union
    Capital One
    First Tech Federal Credit Union
    Security Service Federal Credit Union
    U.S. Bank

    None yet (sounds about right)

    Sources: Fitbit (1) (2) via TechCrunch

    by Published on 11-27-2017 06:45 AM
    1. Categories:
    2. Commentary and Analysis,
    3. Apps

    What we're looking at here is the logo for the εxodus privacy auditing program, a French nonprofit which, with help from the Yale Privacy Lab, has published a database of trackers found in popular Android apps. And there are a lot more of them than you'd expect.

    Most people would understand that an app like Uber would need to track you in order to ascertain your location when you request a car. And since the Uber app is downloaded from the Google Play Store it's not much of a reach to imagine that Google too is tracking downloads of that app, and likely taking stock of the other apps installed on your Android device as well. But what you might not expect is that Uber is also very much in the business of reselling your location history and other data via third party trackers.

    Some of the offenders mentioned by name in The Intercept's coverage of this project include AccuWeather, Lyft, Microsoft Outlook, Skype, Spotify, Tinder, Uber and The Weather Channel.

    Any iPhone users reading this should resist any urge to feel smug; as Cory Doctorow reports, these same trackers almost certainly exist in the iOS versions of the same apps, but it's illegal to break Apple's DRM to prove it.

    Links: εxodus, Cory Doctorow, The Intercept

    by Published on 11-24-2017 07:00 AM
    1. Categories:
    2. Devices,
    3. Tips,
    4. Carriers,
    5. Apps

    Too late for the midnight stampedes, but I'm hoping this will at least serve as a starting point for your mobile-centric Black Friday shopping. It's not exhaustive by any means; you'll notice that Android Police and Mobile Syrup are responsible for a few links each. Kudos to them for doing the grunt work so that I didn't have to.


    Amazon Canada’s Black Friday tech deals are now live!

    Best Buy VIP Black Friday sale now live with discounts on smartphones, tablets, smart home devices

    Freedom Mobile offers up to $450 in MyTab savings for Black Friday

    Here are Canadian carriers' 2017 Black Friday deals

    Rogers and Fido launch Black Friday iPhone deals


    2017 Black Friday and Cyber Monday deals roundup [Updated continuously]

    Deal: Get 3 months of unlimited data for $99 from Rok Mobile

    Fossil smartwatch Black Friday sale: 30% reduction on Android Wear

    Free iPhone 8: The Best Black Friday Deal Is From T-Mobile

    Here are Google Play's Black Friday and Cyber Monday deals

    Feel free to add any deals not mentioned above, for the benefit of anyone else reading this. Happy bargain hunting, and stay safe out there!

    by Published on 11-20-2017 07:00 AM
    1. Categories:
    2. Apps

    Android Police has just done another of their famous APK teardowns, this one for a new version of Google's official SMS app, Messages. This new version (2.7) not only has more streamlined code—the size of the apk itself is down 30% from the version before it—but some new features as well, including new message indicators, calling integration with Google Duo and RCS support for dual-SIM phones.

    You'll recall that the Rich Communications Services (RCS) protocol is a joint venture by carriers, Google and the GSMA to bring text messaging into the 21st century. Think of it like iMessage, but for everyone. The code in Messages 2.7 shows support for standard RCS features such as sending messages over WiFi and the ability to see your friends type replies, but also suggests that users will be able to toggle RCS support for separate SIM cards if they have them.

    If you live in Asia, India or even parts of Europe there's a very good chance that you're using a dual-SIM phone; the only reason why they're so scarce in North America is that carriers here have a vested interest in not selling you one. Cheap calls on one SIM and a cheap data plan meant for tablets on the other? Yeah, not so much...

    For me it has become a must-have feature, and I had to dump Google's default messaging client for third party solutions (first Textra, then Pulse) because those apps support two SIMs. With this new update I might have to give Messages another look.

    Source: Android Police

    by Published on 11-17-2017 07:00 AM
    1. Categories:
    2. Apps

    I caught the end of the livestreamed OnePlus 5T launch event yesterday, and for me the best thing about it had nothing to do with the phone itself. What set my geek heart all aflutter was when OnePlus co-founder (and Steve Jobs wannabe) Carl Pei took to the stage to announce that all ticket sales from the event were being donated to F-Droid, the open source app store for Android.

    Tickets for the launch were priced at $40 USD but it's not clear how many tickets were actually sold, as there were a lot of tech bloggers and YouTubers there who I'm guessing didn't pay. But honestly, it doesn't even matter; at the very least the project got some free press. Here, as a reminder, is but a sample of what F-Droid has to offer:

    AdAway - kill ads system-wide on your rooted phone or tablet;
    K-9 Mail - an excellent IMAP mail client;
    NewPipe - watch YouTube videos with no pre-roll ads;
    OS Monitor - find spyware on your Android device.

    FOSS software and the Android modding community are equally important to OnePlus. You'll recall that 2013's OnePlus One shipped with the first commercial version of CyanogenMod; the latter ended up going nowhere but the former is thriving, thanks in this part of the world to its sizable geek cred. Most of the Linux podcasters I listen to own a OnePlus device, and these people are unabashed freedom beards who would never even go near a Galaxy or Pixel.

    As a company OnePlus is certainly guilty of sometimes lazy, sometimes shady practices, but they do serve their community well. And it's great to see them giving back, even if it's ultimately a token gesture.

    Links: XDA

    by Published on 11-15-2017 07:30 AM
    1. Categories:
    2. Devices,
    3. Commentary and Analysis,
    4. Apps

    More bad news for OnePlus... on the eve of a new product announcement they've been accused of backdooring their devices, allowing an attacker with physical access to gain root access without having to unlock any bootloaders— which we all know would wipe any and all sensitive data from your phone, right? Anyone? Bueller...?

    Anyway, as privacy scares go, this one has been blown out of proportion just a bit. It's still bad, but nowhere near as bad as the data that OnePlus was caught harvesting last month.

    The "backdoor" here is actually a Qualcomm testing app called EngineerMode. With the correct password (which has already been reverse-engineered) it will indeed grant root access via the Android Debug Bridge (ADB). What it won't do is allow malicious software with root privileges to be installed on your device. In fact, XDA has put their own spin on this vulnerability, citing it as a great new way for modders to root their OnePlus device.

    OnePlus absolutely should have removed this app before shipping out hardware to their customers. As to why they didn't, signs point to laziness rather than something more nefarious. Oh, and by the way, some ASUS and Xiaomi phones were also sold with the same Qualcomm testing app on board.

    Sources: Android Police, OnePlus Forums, XDA

    Page 1 of 16 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 ... LastLast