Hacker News new | comments | show | ask | jobs | submit login
OnePlus OxygenOS built-in analytics (chrisdcmoore.co.uk)
422 points by os7borne on Oct 10, 2017 | hide | past | web | favorite | 180 comments

TL;DR: OxygenOS tracks your every activity in every app, and there's no settings to disable the tracking.

To get rid of it you have to uninstall the tracking app via adb: (no root access needed)

  $ adb start-server
  $ adb shell
  > pm uninstall -k --user 0 net.oneplus.odm
Note: This requires adb to be installed, your phone to be connected and USB debugging to be enabled.

I caught them doing this a while ago when I first got my OnePlus 3:


You _are_ featured in the article with that exact tweet, right? :)

Haha, yeah. Jumped the gun and pasted the tweet while making breakfast before reading it.

That was a bit surreal.

This is great, but what is to prevent them from re-installing in an update? Or throwing it in a service that can't be uninstalled?

In my mind, the only options are either dumping your OnePlus or flashing a third party ROM (I plan to flash Lineage tonight and probably start shopping for a replacement for my OP3 as well)

Flashing a third party ROM is probably your best bet.

I'm curious to what phones you're considering to replace your OP3 with, though.

For myself, I've been looking for something that has "much better than average" security and, unfortunately for any mobile platform, that looks like it's probably not going to happen.

The closest ROM I've found is CopperheadOS, but it is only supported on a few devices.

I'm probably just going to flash Lineage. I have plenty of past experience with CM so it should be fairly familiar and it apparently works extremely well on the OnePlus 3 (I've seen the OP3 labeled the perfect phone for Lineage in the past, so hopefully that is true)

In terms of phones, I don't know. The Pixel 2 XL, Galaxy S8, Note 8, and LG V30 are probably the best Android devices available right now. I haven't done much research so I don't have much of an opinion right now. I'm feeling fairly jaded right now and half-considering switching to an iPhone and away from a lot of Google services because Apple seems to at least half-care about privacy. I know in the end that is likely BS but what can you do at this point short of go back to a dumb phone (which you really can't do if you are an app dev trying to stay on top of current trends)?

> I'm feeling fairly jaded right now and half-considering switching to an iPhone and away from a lot of Google services because Apple seems to at least half-care about privacy.

Exactly my stance. I am sure Apple is shady as well but it's my opinion (partially supported by numerous stories here on HN) that Google collects and sells anything they can get their hands on.

I'm buying iPhone X for me and my girlfriend (when it finally comes out). We already have iPad Pros. We'll just go full Apple except the gaming PCs. We will change all passwords from inside one of the iDevices as an additional security measure. Most likely gonna use YubiKey 4 as well -- although I am still not informed enough to make the decision.

Already using DuckDuckGo 95% of the time -- sadly it is not as good as Google but really, most of the time it gives me what I need. Still not sure Firefox is up to the task to replace Chrome, but I'm keeping an eye out and using the beta (Quantum).

End-game is gonna be to replace Gmail with something else.

I feel I can't trust Google with telling me the time these days so I am migrating away from them.

I wonder if there's an opportunity to reduce the privacy problem by having the phones log data to an intermediate server. The intermediate server will be open-source and run by a trusted entity (EFF, Apache Foundation, whoever). OnePlus will be able to submit whatever code they want to this server after a public privacy-focused code review by the trusted entity.

The proxy server will aggregate and anonymise the data before uploading it to upstream OnePlus servers. For example, it can strip out IP addresses. Eliminate data points which are too few and can therefore dangerous. Maybe if too few people are using an app, records about the usage of that app aren't uploaded to upstream OnePlus servers. If OnePlus wants to know how many photos an average user is taking, the intermediate server could just that information, or percentiles, not data about each individual user. These are all not possible to do on-device.

With this, we don't have to worry about what code is running on the phone, or what OnePlus servers are doing, both of us are closed-source and unavailable to us to inspect. But the intermediate server will be open-source.

Who will pay for that and how are you going to force manufacturers to participate in such scheme? Most people "have nothing to hide" and don't care about privacy, so they won't be happy as manufacturers pass cost of this to them. More realistic way (though not easy too) is to install a firewall on a proxy all traffic is run through and filter suspicious/unknown connections.

Manufacturers or software developers who're especially privacy-conscious, or collecting data that wouldn't be able to get with otherwise, might use this scheme. Maybe the folks who run the upstream server will also pay for the intermediate server. It shouldn't cost much for an entity that's already operating at scale, whether in users or revenue.

"Manufacturers or software developers who're especially privacy-conscious"

Those are few and far between. I still don't see how you are going to get major players into this. Niche -- maybe, but we already have few of these (other comments in this thread mention them). Also, such server would be a very sweet target for hackers and high security requirement raises upkeep by quite a bit.

No more a target for hackers than upstream log servers. In fact, it will be easier to audit, since it's open-source and does less (only aggregate and anonymise data and pass it on).

Yes, it will be niche to begin with, but everything starts that way. If minor players adopt this, over time, it can put pressure on the big players to do so as well. It's a long game.

For example, MS opened an Azure datacenter in Germany where MS doesn't have access to user data. So, people are starting to do things to restrict their own access.

According to @01abhishekjain on Twitter[0] you can also do it in a single command:

  adb uninstall -k --user 0 net.oneplus.odm
Can anybody confirm that? I've already run the three commands above on my phone.

[0]: https://twitter.com/01abhishekjain/status/917785829455446016

Can one use this method to uninstall other "uninstall able" apps from their phone? I fucking want to get rid of samsung pay.

+1 (but for other apps, like some google baked-in stuff)

I have absolutely no doubt there is some data centre in Shenzhen full of my Huawei phone metrics! I think this is the biggest issue with android phones, they are full of potential data leakages like this. Privacy is definitely a concern and a pull factor to getting an iPhone again. There is a lot to be said for a company that is focused on hardware and not on serving content to that device. Then again it's also a reason to get a Pixel2, I feel I can trust Google with my data more than some other android manufacturer or reseller. Sure they'll serve me more adverts, but it's to some ends at least.

> I feel I can trust Google with my data more than some other android manufacturer or reseller. Sure they'll serve me more adverts, but it's to some ends at least.

I'm not sure I understand this logic. Can you explain your reasoning here? What makes Google different?

Is it just about data security (e.g. you don't care what anyone does with your data as long as they don't leak it publicly)?

you're are right, I was a bit unclear. I guess I just feel I can trust Google more. Sure Google will take my data and deliver me targeted adverts, share it in some sort of aggregate form with partners and possibly use it to learn more about be than I know about myself, however I feel Google is good with dealing with privileged data. There data security is good and I never feel my account will be leaked, it's not Yahoo! (yet? .. that's another conservation).

It's business is fundamentally about trust, people trusting its services, I feel it offers good data security on its accounts and it offers services that I am happy I don't have to pay for. Almost 2 decades of email services, search, and drive space is something I'm glad I never pay for.

In certain cases I do keep data away from Google, I'll never upload all my photos to google photos, or put my media collection on a google drive, and i'll keep certain documents locally, but for the majority of the ephemera in my life, it's a fine place to leave it.

Nothing about my life is really that important or sensitive that security is a must and I need to be completely clandestine, if I leave a trail of breadcrumbs for someone to use to pipe adverts at me, so be it, but I can always stop them in browser with a good ad-blocker or a network level filter.

If I want that level of privacy I can always go down the proton-mail account route and use PGP or encrypted messaging. Although that's not really necessary when I'm just send my GF a gif of a seal playing a saxophone or deciding if I cook fajitas for dinner!

The NSA, FBI, CIA and partnering intelligence services from the However-Many-Eyes countries all also have access to Google's servers...

I'm so uninteresting to any intelligence agency!

Much better security policies, presumably.

If anyone has my data, I'd want it to be the one that you can hope is implementing best practices.

> What makes Google different?

Maybe he's American and trusts American companies more. For Europeans, it's tougher: You can choose between being spied on by the Chinese or by the Americans.

> I'm not sure I understand this logic. Can you explain your reasoning here? What makes Google different?

The cynic in me would suggest that on a Google phone, only Google gets to peek at what you do, otherwise it's Google plus the vendor. Also - Google, despite being a bit too nosy for my own comfort, at least is likely to have decent security, so this data is less likely to get exfiltrated and end up published (or sold on a darknet).

If nothing else by buying a phone manufactured by google and running stock android, you need to trust one less party.

Better PR?

Google is also a US company, which means you at least have a different set of intelligence agencies after you. Given those two options, I think I’d prefer to give my data to the NSA, not the Chinese government.

If you live in or travel to the US, but don't have anything to do with China, it makes more sense to prefer your data to be spied on by the Chinese, doesn't it?

It's an interesting case - they're unlikely to have any legal impact on me and my ad views are probably of very low value to them, lacking even a common language with most ads. Some people feel more comfortable with a government they voted in having their information, but ultimately one that's in some ways an adversary of your state is far less likely to have any impact on your life than one which is in your own state.

Additionally, restrictions on things like copyright aren't nearly as draconian in China - last I tried Baidu's cloud drive service they offered a torrent downloader built into the thing. Other speech restrictions are obviously very nasty and present, but as you're not a citizen there's nothing they can really do to you.

But the government they voted for tends to change every couple of years. And I doubt they wipe all data from before the elections.

Hmm, I'm in the opposite boat - China can't extradite me or arrest me. I'd much rather my information be in the hands of Chinese intelligence agencies than American ones.

You say that, yet the US government is pushing hard to extend their digital jurisdiction into other countries. Countries like France have also had rulings and laws where the right to be forgotten has to be obeyed worldwide, not just in France. It is entirely possible China attempts to extend its jurisdiction for online matters into other countries. It is extremely unlikely to come to any thing that will affect you, but not impossible I think

Can't extradite you or arrest you yet.

I don't travel to or do business with China, but I'll be traveling to US couple of times in a year. Not being a citizen gives me very limited rights in US. So I for one will be happier if US does not have my personal data.

This makes me wonder: why can we have a top of the line desktop PC which is totally libre, but not a smartphone? What has gone wrong?

That we ever had "libre" desktops is an accident of history resulting from home computers, widespread internet access, and awareness of public key crypto arising in that order.

IBM took on the personal computer market and made the PC standard, which launched the chain of backwards compatibility that continues to this day. Because they did this in 1981, the idea of "secure bootloaders" was not on their radar. By the time anyone started thinking along those lines, the standard was well entrenched; this same standard gave Linux and other free OSs a relatively static target to hit, just as the internet was gaining ground (a force multiplier for hippie free-software types). Before PC clones took off, every home computer was a different design, OSs were specific to each model, and open alternate OSs were not really a "thing".

For a glimpse of an alternate history where these things happened in a slightly different order, take a look at TI graphing calculators; each is a bespoke microcomputer using very 80s-ish technology (z80/m68k cpus, built-in BASIC etc) and each has RSA signed OS images, the keys for which were only factored in 2009. Even now that every single microscopic detail of the hardware is known, and the keys available, alternative OSs are niche and usually incomplete projects confined to a single model, because there is no standard to target.

All we have now is a reversion to the natural order of things, permitted by the shift to "mobile" breaking all the rules and allowing all the norms to be reset.

Of course I've upvoted your comment, well written and informative, but it's a very very sad upvote.

If you're running Windows 10, even "top of the line desktop PCs" engage in data collection these days - I have to turn off pages of settings and set group policies to disable it all properly and even then there are still some things which can't be disabled, like the Bing hit every time you type in the search box even with internet search disabled, so I have to use hosts file blocking.


Android is pretty much as close as you're getting - I'd say it's quite comparable to the situation on desktop PCs today if not a little better because the open source community around it is quite potent. In fact, OnePlus is quite popular in these communities for making cheap, well-spec'd phones with unlocked bootloaders where you're free to have full control over your device.

And all this is missing one of the biggest sources of this spying - apps. Most apps send pretty much everything they can get their hands on when you start them, I launched a game the other day and had it connecting to 6 services for 2 analytics, ads, and crash reporting, all of which were contacted every time the app was started. For this I'm very grateful for tools like XPrivacy and LineageOS's privacy guard which all you to trivially block this and such tools are not commonly available on other platforms.

Yeah, but I can buy a motherboard, cpu, disk and whatnot, assemble them, run Windows or Linux on it.

Of course, with phones it is more difficult to assemble stuff (everything is much smaller), but the whole concept of a standardized open platform is not there.

Somebody should define the "PC Phone", and declare it an open standard.

Intel and AMD both embed monitoring processors with unaudited binary OSes in their CPUs: https://boingboing.net/2016/06/15/intel-x86-processors-ship-... Intel calls their spy cpu "Management Engine", AMD calls it "Platform Security Processor." Both run code that sits between the OS you're running and the CPU, for the supposed purpose of remotely managing PCs in an organization.

I guess it depends on what you mean by open platform.

The platforms are well known, architectures are standardize, GPU drivers are often proprietary similar to the desktop world, but ultimately I can flash anything I want on my phone, I've run stock Android, several modified variants, Firefox OS, Ubuntu, Sailfish and others.

From a software perspective that's all not too hard to achieve, the hardware side of things does lack standardization but that's because as you say, it's not exactly something you can hand assemble.

I doubt all non-gpu drivers are open source. We're talking oneplus right? If they are, people still need to port them to the new non-stock-compatible OS. Then you probably need to compile everything yourself. Then repeat when OS gets updates. And you'll still be stuck with the stock bootloader and baseband firmwares. Which will hardbrick your device if you flash the wrong way.

But yeah, totally accessible.

Like this for example puri.sm/shop/librem-5

"why can we have a top of the line desktop PC which is totally libre, but not a smartphone?"

"totally libre PC"? All major CPU manufacturers implement hardware level backdoor we can't disable. The newest version of the most popular OS tracks your every step by default. All of these tiny chips in pretty much any modern electronic device are full of binary blobs you have no way to inspect. Maybe we live in different worlds then.

PCs are comparatively much more open than phones, and it is actually possible to disable some of that stuff with various hacks on some systems.

Phones are closed, locked down, and bugged by design.

I don't deny that, but saying "PCs are totally libre" is vast overstretch. PCs are getting more and more complex, include high number or sub-systems, that are actually mini-computers themselves, so by installing an open-source OS on the topmost layer we only get an illusion of the open system. But unless we have an open hardware along with source code for firmware running on all those sub-systems, we can't call PCs "libre".

Smart phones followed a very different path of evolution that was heavily influenced by cell carriers. Apple had to fight really hard to get the iPhone carried, and to do that they had to lock it down to comply with what I am sure were a long laundry list of carrier demands.

This was the era of flip phones when carriers had full control. They really didn't want to lose that control. I doubt a company smaller and less influential than Apple could possibly have gotten a full-fledge computer of any kind onto cell networks.

This led the entire mobile ecosystem down a path where the device is locked down by design even though today carriers are less able to influence that.

Add to that the emergence of surveillance-driven advertising as a way to monetize "free." It's very hard to compete with free (or subsidized) products. Most people compare price vs feature set, not privacy or security. So there was a huge economic incentive to turn phones into little surveillance devices to siphon up data to be used to drive advertising.

Without surveillance capitalism most apps would cost money and phones would probably cost a lot more.

> I doubt a company smaller and less influential than Apple could possibly have gotten a full-fledge computer of any kind onto cell networks.

In Europe, Nokia did it in 1996, 11 years before Apple's iPhone.


Europe has always had more open cell networks.

This is true. In my country all phones have always been unlocked. Your mobile operator just sends you a SIM card that you can then put in any phone you want. Mobile operators don't mess with hardware. Thank god- OEM bloatware is enough.

> Apple had to fight really hard to get the iPhone carried, and to do that they had to lock it down to comply with what I am sure were a long laundry list of carrier demands.

Wat? It was easy to install third-party jars on my Nokia S60 devices, both before and after the iPhone, no carrier approval required.

https://puri.sm/shop/librem-5/ are attempting the totally libre smartphone.

They met their $1.5 million funding goal and had some backers pitching in at 20k a pop which implies rich people / company interest

You and us were lucky, Apple lost the PC war. We have an ecosystem of components with competing vendors for each. In an Apple style vertically integrated world, you'd have only one vendor deciding for you.

> why can we have a top of the line desktop PC which is totally libre

It was an accident of history, leading to the ISA bus x86 clones, and Compaq not losing a court case around clean-room engineering.

IBM even tried to roll back that accident with the MCA bus, and possibly would have succeeded if they hadn't been so greedy.

You can have a similarly libre smartphone. All the phones Google sells have unlockable bootloaders and you can build Android from source yourself including the kernel. There are many 3rd party open-source ROMs built on this.

But since you end up with essentially the same OS with essentially the same userspace doing essentially the same thing it raises questions of why go through the effort and hassle. You're completely free to do so, though.

You will, however, still end up with binary black box device drivers. Just like you do on a top of the line desktop if you want to actually fully use the hardware.

What's really scary is that most Android SoCs now have the baseband sitting in the same package as your CPU, with similar levels of access to system memory. The baseband firmware is usually unmaintained, but often in theory can be altered OTA by your carrier.

Intel & AMD CPUs also have firmware that can be updated as well. Not to mention the BIOS itself which is often blindly trusted.

Sure -- fortunately on most Intel and AMD CPUs you have some level of control in isolating the host from mobile carriers and those acting as mobile carriers.

Mobile carriers do not write or sign the baseband. You're at the whim of the hardware manufacturer in both cases (Intel CPUs & Qualcomm basebands).

I'm pretty sure in the case of at least Qualcomm, the carrier can do a heckuva lot more. Most snapdragon SoCs support a pretty hefty subset of OMA-DM at the baseband level, allowing for execution of arbitrary 'apps' on the baseband, by the carrier. Throw in any vulnerability in that baseband stack, and now attackers have a very direct path to system memory.

There were partially libre attempts - Mer and Maemo.

Now Librem 5 from Purism got fully funded (1), so in a year you'll have a fully free phone.

The market for a fully free phone is there but it's small(ish). Hopefully they'll get a piece of the pie with their anti-walled-garden mission statement.

1) https://news.ycombinator.com/item?id=15436716

puri.sm/ shop /librem-13/ for example

App stores.

Periodic driver breaking.

Locked or hardtoflash bootloaders.

Not releasing code. Even encrypting stock ROMs.

Punishing power users by blocking root.

Consumers not caring.

Alternate idea: get rid of the smartphone. There are many benefits.


I did this for 2 months, mainly forced to, I had my phone stolen, it was kinda nice, I read more newspapers and learnt i could send SMS messages from payphones!

> learnt i could send SMS messages from payphones

How did you manage this?

Whistling lessons from Kevin Mitnick

I live in the UK, most of the newer (like after 2000) BT payphones can do. It was kinda funny, I'd started dating at the time and I got some funny feedback from ladies I was dating. Although I did find someone who thought I wasn't a massive weirdo!

Hehe, same here. It wasn't so bad actually.

But i dont understand this, why should I have to part with my data when I am buying a fully paid product? I know the justification being used for free services but i find it hard to accept this for a piece of hardware that I pay for.

I'm not trying to justify it by any means, but I sometimes wonder if the cost of devices are sometimes subsidized by data collection.

I think this hit the nail on the head.

Most devices are actually sold at barely over cost.

Indeed. I helped a relatively un-technical friend get a smartphone at MetroPCS and was blown away at the hardware you can get for $99 or less. Obviously I assumed it's very subsidized, but I found the $99 phones were only about $179 full cost, and we're talking phones not too far off spec from an iPhone 7 Plus or a Galaxy S8.

Apple cares about your data, but they just lock you in. That's how people perceive Apple cares about your privacy.

I bet Apple at this point knows FAR more about their users than Google or OnePlus does.

"There is a lot to be said for a company that is focused on hardware and not on serving content to that device"

Lol you can't even install anything on your iPhone without passing through Apple. Come on. And an iPhone comes with a ton of nice shiny Apple apps. They are serving Safari, iTunes and Apple wallet.

Just run AOSP?

Google's is similarly excessive https://i.imgur.com/fWvV7R4.png

Though I get the feeling google's approach of trying to desensitize me (emailing me about how great I am for traveling to mcdonalds like a slob, and gamifying my use of google maps, for example) instead of shamefully hiding it, is a fair bit worse

Wait so google's approach of explicitly showing you the information they gather is worse than hiding the information they gather?

I wouldn't say worse per se, but it is bad in its own right for the reason the parent comment stated.

If it's "normal" to track every step and shove it in your face, surely you must be paranoid to not let them do at least some of that stuff.

I'm not saying there's no use for the data, and the services provided. It's just the opt-out nature of invading my privacy that I personally don't approve of.

I think he means the end result is worse. By being constantly shown the information you get desensitized to it. After years of that, you're much less likely to oppose this type of tracking than you would be had you never heard about it.

I don't feel like they explicitly tell you. Seems to be more the tip of the ice berg to me.

You can easily turn off this feature. But it's forced on Oxygen.

That doesn't really make a difference. Opt-out is essentially the same as just forcing it. The vast majority of users will never even know that they could be opting out.

I believe it's not opt-out.

IIRC, you're properly asked, the first time you try to do something, whenever you want to enable relevant tracking - e.g. share location history (e.g. when trying to set up "show my location"), or save voice data on Google servers (e.g. when setting up voice unlocking), etc etc.

I'm not exactly sure about app history and in-app search, though - just honestly don't remember about it. But it could be that user is actually asked at account setup time.

Point is, for many things Google actually properly asks for permission. Guess, it works for them, because timing's relevant. (They probably have ton of invisible tracking as well.)

Is that true? You can turn off your ability to see your activity history in Google, but does it actually delete (or not send?) any data from Google's servers?

You should take a look at this post from Android Police: http://www.androidpolice.com/2017/10/10/google-nerfing-home-...

Apparently there's a feature in the Google Home Mini that allows you to long press on the speaker to bypass the hot word detection ("Ok/hey Google"). Apparently there was a bug on this feature and random sounds could activate the listening of the Home, so it was recording data all day long.

In this case there's a rootless solution using dns66 (the issue affects all oneplus devices) :


redirect server open.oneplus.net.

Ofcourse, it is likely many other android devices have a similar setup.

I wonder if this is even legal in Europe (probably not in Germany).

This definitely feels like it would have a high chance of being illegal in the EU.

Of course it is illegal in the EU.

This is why I have no desire to upgrade to a new Android device and why I put my money into the Librem 5 project.

This data collection is beyond ridiculous and if it's not already illegal, it should be.

Or just run LineageOS?

There's are still many privacy problems with Android beyond just this. Lineage has the proprietary Google Play Services (luckily they don't support SafetyNet -- one the most ridiculous breach of privacy and user's rights).

> Lineage has the proprietary Google Play Services

Lineage doesn't ship the proprietary Google Apps. It is up to the users to flash it after flashing Lineage

I own a oneplus3 device. Since I switched to LineageOS, it's faster, the battery lasts way longer, and it doesn't even get warm on 3d games where it got burning hot before.

The devices are a mixed bag, some of them are quite decent.

OxygenOS, however, is garbage.

Did you install the Google Play Services along LineageOS or not? Those by themselves also already make a big difference in the aspects that you named...

Yes, I did. Whatever is wrong with OxygenOS isn't due to Google Play Services.

It's funny how OnePlus Support helping him to disable that application.

> OnePlus Support: Alright. Please try doing a hard reset http://bit.ly/1TbY1RZ and see if there are improvements.

How this could help improve that situations at all? Do OnePlus Support Team even read user's problem detail?

Very unprofessional I must say.

The question sounds enough like "how do I stop this app from eating data cap" that running them through standard malware fixes makes sense. Tech support deals with a lot of people that are terrible at wording their questions, so you tend to look for key phrases and suggest easy fixes first.

That's the answer I've always gotten with OnePlus, ever since OnePlus One. "Please clear cache" or "Please reset the device", even when it's a proven faulty hardware they force you to do this 5-6 times until they MAYBE ask you send it it in to them (While paying for shipping).

I bought a OnePlus phone because I knew it had an unlocked bootloader, good LineageOS support, and at least a small chance of someday being supported by Replicant. OxygenOS sounded sketchy from the start.

  > ping open.oneplus.net                                                                           
  PING hadoop-1219418324.us-east-1.elb.amazonaws.com 
Your phone usage data going straight into OnePlus' Hadoop cluster?


  ryans-mbp:~ ryan$ curl https://open.oneplus.net -D-
  HTTP/1.1 200 OK
  Server: nginx
Hadoop is the name they gave to the ELB on AWS. It could have just as easily said totallynotspying-1219418324.us-east-1.elb.amazonaws.com.

Granted the data could end up in a Hadoop cluster, but they didn't expose that directly to the internet.

Can we start sending it dummy data to make it useless?

My guess is we'll need someone to provide OAuth tokens to spoof data for. Or at the minimum, details on what fields are required by "/oauth/token" for it to issue new ones.

Anyone know what data iOS send to Apple?

The sales page is nice and all, but this is the page that matters: https://www.apple.com/legal/privacy/en-ww/.

TL;DR: we collect the shit out of you and share it with third parties as we see fit. If you disagree you will get a crippled experience

Yes, but be careful:

> Personal information will only be shared by Apple to provide or improve our products, services and advertising; it will not be shared with third parties for their marketing purposes.

This goes in contrast with most tech companies such as Amazon and Google. However, Apple does have the horrible clause:

> in the event of a reorganization, merger, or sale we may transfer any and all personal information we collect to the relevant third party.

This clause should be considered the antichrist of clauses, because it just makes the entire policy void in case of a merger. Not that I see Apple being acquired by anyone soon, but still.

>> in the event of a reorganization, merger, or sale we may transfer any and all personal information we collect to the relevant third party.

> This clause should be considered the antichrist of clauses, because it just makes the entire policy void in case of a merger. Not that I see Apple being acquired by anyone soon, but still.

Google's clause:

If Google is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.

I like Google's more :-).

Merger may be unlikely, but reorganization seems like a fairly low bar.

Does Apple define what 'Personal Information' is or encompasses?

The EU does that for them. It's anything that can be traced to an individual. Same goes for 'handling personal information'; it's literally everything you can think of where PI comes into play.

Apple claims this is non-personal information:

> We may collect information such as occupation, language, zip code, area code, unique device identifier, referrer URL, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.

How is your occupation and exact location non-personal?

>How is your occupation and exact location non-personal?

Not only, how many degrees of separation do exist between your "unique device identifier" and your identity (additionally given the restricted area provided by Zip code, area code and/or location)?

What is exactly the "unique device identifier"? The IMEI, the MAC address, something else?

> What is exactly the "unique device identifier"?

It probably doesn't matter, given how easy it is to correlate/deanonymize substitute keys.

"Hashing is magic crypto pixie dust which takes personally identifiable information and makes it incomprehensible to the marketing department."[1] -Daniel J. Bernstein

[1] https://projectbullrun.org/surveillance/2015/video-2015.html...

>TL;DR: we collect the shit out of you and share it with third parties as we see fit. If you disagree you will get a crippled experience

Very well summed up.

Daily reminder people are using Apple for everything including their daily banking with Apple pay and Apple wallet.

Apple is sitting on a gold mine. Meanwhile OnePlus is just a phone maker. Something to keep in mind.

Apple gives you an option for telemetry on first boot. No idea how much that option turns off. Not sure if the phone sends anything to Apple with that option and not using Apple services (that’s pretty hard because of the App Store; if you really care about iPhone privacy you’d want to download all your apps once then never touch the store again).

Some friends using apple complain about the data usage and they don't understand where the data consumption is coming from, even with the data tracking apps. Don't know what's going on with the latest versions of iOS.

iOS settings has data usage by app, including several “system services.” Do those numbers not add up?

No because Apple would do a much better job of encrypting the data the OnePlus's silly Base64.

What does Apple have to do with OxygenOS?

Compare and contrast.

Perhaps they want to see what data is universally collected, where android goes deeper and if apple collects anything android doesn't?

Fair, I read that as a misdirection but I should have assumed good faith.

I have both an OnePlus 3 and an iPhone 8, so just wanted to compare.

Holy moly O_o.

Those kind of stories are keeping me back from buying any Android devices in nearest future. Somebody might say that I can flash it with clean Android ROM but that's great for people who have too much time :-)

What other options do you have if you want a smartphone? I severely doubt that other devices (most notably Apple) are any better. I think that if you don't want this to happen you have to buy a dumbphone, which may or may not be an option for some people.

The Librem 5 just passed its crowd-funding goal[1]. That's what I'm getting for my next phone.

[1]: https://puri.sm/shop/librem-5/

I'd settle for a dumbphone with WhatsApp and a solid browser. I miss having to only recharge once a week.

To get a solid browser with a decent experience though you're going to pretty much need most of a smart phone's performance anyways and most of the power drain because you'll probably want a good screen and decent performance on the browser so a good processor too. Dumb phones lasted so long because they had really low power processors and beyond texting and calls there was no reason to constantly interact with them so they could be in a really low power state 90% of the time.

While I agree that noone should need to flash their device just to have basic sane privacy, I think saying "for people who have too much time" is pretty insulting for us that do care about our privacy and invested that time.

Again it shouldn't be necessary to do this and I won't expect anyone to do this, but I don't see why you have to insinuate that only people with too much time would do this...

You could make the "too much time" argument about reinstalling Windows or installing Linux when you get a device. Flashing may take some extra time, but it's not harder than normal expected device maintenance usually.

"expected device maintenance" by whom?

Anecdata, but 90% of people I know have never installed Linux (and the few times I've had to try and find recovery discs, going to bet reinstalling Windows is at about the same percentage), and not sure I know anyone who's flashed a new ROM on Android.

I'm genuinely curious as to where this expectation that everyone should be au fait with OS tinkering comes from?

I didn't say everyone, the audience on HN is far from 'everyone.'

My everyone could easily encompass the HN audience too - there's this stock assumption (especially if you're a developer or tech inclined) that other techies are always tinkering and optimising. Buying a consumer electronics product and not having to mess around with it should be the standard (with an option to tinker if you so wish), whether you read HN or not.

It doesn't take that long to flash a ROM though.

This is part of why Google's move to forbid users from installing SSL certificates is so anti-security and anti-privacy: it disables the ability to MITM one's own device in order to observe traffic.

I'd support regulation forcing Google to permit users to install our own root CA certs.

You can definitely install your own CA certs on Android. https://support.google.com/nexus/answer/2844832?hl=en

Only problem is that you have to explicitly enable the use of custom CA certs in your app, so it won't work with Google apps as you say.

Is there no other way to get at this traffic? Possibly something at the application level, like throwing a debugger at the calls that are originating the telemetry traffic?

> Only problem is that you have to explicitly enable the use of custom CA certs in your app, so it won't work with Google apps as you say.

Or any other app doing nefarious things.

Enabling apps to ignore user-installed certs is flat-out evil an inexcusable.

Evil, herp derp. It was done by malware, to steal user data, hence the change.

If you want to log Google data traffic, you have to put a CA cert into the system cert store (needs root access).

If a user installs malware from the Play Store, that's his fault, and it's Google's fault for allowing that malware on the store. If he sideloads malware, that's his fault entirely.

Preventing me from controlling my phone is evil. Preventing me from seeing what the apps on my phone are doing is evil. If I wanted a padded room or a walled garden, I'd be using iOS.

Defense in depth.

Google can't catch everything from the Play store, hence the CA cert store change.

This should have been asked when you're first booting up. I'll receive my one plus in a few days and track whats going on. Transparency is always the best path and supports that you've the best intentions.

I think (just a feeling) that every vendor and a lot of app devs is phoning home collecting data. I'm using Netguard to block net access to most of apps. On a rooted device I would use AFWall+.

The purpose of buying a OnePlus device is to get decent hardware for an okay price (I have the 3T), and then take advantage of their unlocked bootloader and the multitudes of highly functional kernels for it. Sultan's LineageOS ROMs are quite nice and even include WireGuard. If you're not immediately removing non-free OxygenOS when you receive your phone, you're most certainly already doing it wrong, data collection or not.

> The purpose of buying a OnePlus device is to get decent hardware for an okay price

Think you might need a full stop there. OP might have a reputation amongst the "root/flash/ROM" brigade, but that by no means makes up all of their userbase, and user-blaming that it's your own fault for not randomly knowing about custom flavours of Android isn't really helpful.

This is consumer software, on a consumer product, by a consumer company, that's doing something that raises genuine questions about personal privacy and the access to information we give to hardware manufacturers. The default answer to all of this really shouldn't be "install random OS XYZ", in the same way that questioning Windows 10 analytics isn't "just install Arch".

So, I owned the OnePlus One, two OnePlus 3T and currently run the OnePlus 5.

I always used CM (or LineageOS) before the 5, they never completed the first setup once before I unlocked the bootloader, thereby reset to factory and I flashed a different ROM right away. Right now I'm on the stock ROM (and affected ofc) though.

Question time:

1) Do you use your camera? I had the feeling that everytime I went from stock to CM/LineageOS I lost features and quality.

2) Why would you pick "Sultan's LineageOS ROM" (not trying to slight Sultan, whoever that might be. I'm curious) instead of going with the official LineageOS builds?

At least for the OPO, Sultan includes the improved camera stuff that stock LineageOS is missing.

That was the purpose, but I think nowadays they're priced pretty mainstream.

Is it different than any other Android from a different vendor? Android, sadly, is a bit about that, grabbing data from the user in one form or another.

Google is a bit about that. Android was about crushing Microsoft's mobile strategy, ironically.

Still, it's not like Apple is really significantly better.

This is really shocking, this data along with my google data can be used to learn a lot more about the user like what i surf when, how much time i use my mobile in office and what do i use it for. I am wondering if there is a way to corrupt the data being sent by some way masking or sending gibberish data. For me rooting is not an option because my office email will not work on a rooted device.

It can be turned off, just turn off the"join users experience program"in"advance"option,

Does anyone know if Google or other companies collect similar data as part of their background services on Android devices? What kinds of OS permissions would a service need to monitor activity in other applications?

OK.. now what should I say about my Xiaomi "smart"phone?

Hey how do i actually uninstall that ''thing'' so they cant track my data. I am a noob :(

Could you add a host file entry and send open.oneplus.net to Similiar to how DNS66 works?

I did that as soon as I read the article...gonna check back later to see if it worked

Let me know. I added it too, how are you verifying it works? DNS66 logs? or Network Connections app?

Same. Ping, wget, and curl all resolve localhost now so I'm assuming this worked.

why no Tesla users complain against with them? https://www.quora.com/Does-Tesla-collect-data-from-the-cars-...

Are similar services found in other more popular phones such as by Samsung or LG?

How do i actually stop this? im kind of a noob when it comes to this


If this data collection is not declared in the user-agreement, then is it illegal?

Of course not. One of the reasons why this kind of industry popped out of no where is because these kinds of things are not regulated. If they were, targeted ads would be a much harder problem.

I don't think this is legal in the EU. I suppose somebody has to complain to the correct commission or sue to find out for sure though.

It probably is declared somewhere deep in the user agreement.


Even if it is declared somewhere, that would not make this behaviour legal in the EU.

I'm a OP3 owner and I love my phone. I don't mind that they do this -- especially if it means that they can use the data to improve the OS/fix bugs but they should clearly notify users that they do this kind of logging/data gathering so that people can make an informed decision about the device they are buying.

I'm an OP3T owner and I dislike my phone. This may just be the straw that breaks the camels back for me. It would be fine if they asked me explicitly whether I am happy for them to collect these statistics and to offer a way to disable this, but as it is right now this is just unacceptable.

The more time I spend with this phone the more I believe that Apple aligns with my interests more (plus their hardware is simply better). Sure, I'll spend a bit more money but at least I won't have Google + OnePlus collecting stats on what apps I use.

OP3 owner, I love my device.

But I run LineageOS. It's far better than OxygenOS, which trouble knows no end.

Do you void the warranty if you install Lineage?

No. You can relock your bootloader and reflash the stock rom provided by OnePlus if you wish.

Isn't there an eFUSE that gets set on the unlock?

Why do you think Apple does not collect device analytics?

Maybe they do. But they don't have as much incentive to do so as Google/OnePlus.

Does Apple collect the same statistics though?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact