What is EngineerMode? Hidden OnePlus backdoor could allow hackers to take over your phone

Researchers have discovered an APK on most OnePlus devices that could allow hackers to root the device

Security researchers have discovered a hidden backdoor inadvertently left on many OnePlus smartphones that could be exploited by hackers to gain full access to users' devices. Robert Baptiste, a security researcher going by the name Elliot Alderson - an ode to the character in the popular Mr Robot TV series - discovered a factory-installed app on OnePlus devices that could be used by hackers to obtain root access to the phone, its files and software using just a few lines of code.

The researcher said he discovered the EngineerMode app when examining the latest firmware for the OnePlus 5 handsetand said it could be exploited to allow root level control of devices running the firmware oneplus_5_oxygenos_4.5.14.

The app can diagnose GPS, check the root status and perform numerous automated tests and hardware scans among other functions. However, Baptiste found that by launching the "DiagEnabled" activity in the app with a specific password, the device could be rooted to give an attacker total control over it.

The EngineerMode tool, made by Qualcomm, comes pre-installed on most OnePlus devices including OnePlus 2, 3, 3T and the newly launched OnePlus 5.

Although the tool is password-protected, researchers at security firm NowSecure have already managed to crack the password.

"With the password, the EngineerMode app enables a debugging mode that is generally only needed for development of the device and grants full root privileges on the device via a simple ADB command or potentially by installing an APK from the Play Store," the NowSecure Mobile Threat Research Team wrote in a blog post.

Upon entering the password "angela" - likely another Mr Robot reference to the character Angela Moss - the developer gains permanent root access to the Android Debug Bridge process and, essentially, root privileges on the affected OnePlus device.

However, hackers would need to have physical access to the phone to carry out the exploit.

"At this time, the (app) is most useful to an attacker with physical access to a OnePlus device or an owner looking to root their own device," NowSecure said. "What seems especially careless is OnePlus leaving behind a system-signed .apk and a native library with a SHA256 hash of the password that was easily reversed."

To find out if your OnePlus device has EngineerMode installed, head over to the device's "Settings" > "Apps" > "Menu" > "Show System Apps." You can then search for EngineerMode in the app list to check if it is installed.

OnePlus later said the EngineerMode is a "diagnostic tool used mainly used for factory production line functionality testing and after sales support".

"We've seen several statements by community developers that are worried because this apk grants root privileges," the Chinese smartphone maker said in a statement. "While it can enable adb [Android Debug Bridge] root which provides privileges for adb commands, it will not let 3rd party apps access full root privileges. Additionally, adb root is only accessible if USB debugging, which is off by default, is turned on, and any sort of root access would still require physical access to your device."

"While we don't see this as a major security issue, we understand that users may still have concerns and therefore we will remove the adb root function from EngineerMode in an upcoming OTA."

The news come just a month after OnePlus was discovered collecting its users' sensitive, personally identifiable information. It later scaled back its data collection programme. It also comes as its new OnePlus 5T is launched.

Hackers fool the iPhone X's Face ID using a cheesy-looking mask

There is no such thing as foolproof phone security.

Case in point: Security researchers at Bkavhave reportedly defeated the iPhone X's Face ID feature using a simply-constructed 3D mask.

The average person probably doesn't need to worry about the purported hack, but billionaires, celebrities, and high-profile public figures like presidents may want to rethink their use of Apple's nascent facial recognition technology. 

Apple is trying to convince people Face IDis more secure than its Touch ID fingerprint sensor, which is still used in the iPhone 8 in addition to earlier models. But stories about weak spots (especially if you've got a twinor you're a kid) keep popping up.

While Apple acknowledges that Face ID isn't hack-proof, the company says it's built the face recognition technology to have 1 in a million chance of somebody else unlocking your iPhone X compared to the 1 in 50,000 chance using Touch ID.

Not only that, but Apple says it worked with Hollywood makeup artists and mask makers to ensure that elaborate masks couldn't be used to bypass a person's iPhone X. 

Before Bkav, a security firm, released its results, others have tried to trick Face ID using detailed masks and failed. The Wall Street Journal's Joanna Stern had a mold of her face made by a professional prosthetic company and, sure enough, her iPhone X wouldn't unlock when a colleague donned her fake face. Wired's David Pierce also attempted a much more detailed recreation of his face using a variety of different materials, but also failed to trick Face ID.

Bkav's rudimentary mask, though, tripped up the feature. The mask, which you can see below, included a 3D-printed face with 2D-printed eyes and lips and a 3D nose constructed of silicone. Mashable has reached out to Apple for comment on the hack.

If this hack looks basic, that's because it is — at least on the surface. Bkav says the crude mask only cost about $150 to make.

Rich and famous more at risk

That may sound really scary, but this hack won't affect most people.

For starters, the lengths one must go through — it took about a week for Bkav to create a mask that successfully tricked the iPhone X —  isn't worth it in most cases.

Then there's the matter of getting scans of your eyes and mouth. According to Wired, Bkav's researchers need to manually scan a person's face for five minutes before getting enough detail to reconstruct a false mask.

Billionaires, celebrities and public figures, who will have their faces photographed and widely published could be easier targets.

Additionally, the silicone nose needs to be made by hand. An initial version of the nose reportedly didn't work and needed to be modified to deceive the iPhone X's TrueDepth cameras and built-in AI.

Though similar facial recognition unlocking technology on Samsung's Galaxy S8 andNote 8 phones is much easier to bypass (in some cases, it can be fooled by a picture), the alternative and more secure iris scanner built into these phones is much more difficult to hack, requiring very specific printers and contact lenses.

All things considered, Bkav's researchers say billionaires, celebrities and public figures, who will have their faces photographed and widely published could be easier targets for its hacks. With enough effort, a skilled craftsman could reconstruct a mask similar to the one Bkav made using lots of photographs.

"Potential targets shall not be regular users, but billionaires, leaders of major corporations, nation leaders and agents like FBI need to understand the Face ID's issue," the researchers said in a statement. "Security units' competitors, commercial rivals of corporations, and even nations might benefit from our PoC [proof of concept]."

Set up a strong passcode

Bkav still has some further explaining to do to convince other security experts that the hack is genuine, but given their track record — in 2008, they were the first ones to bypass face biometrics that shipped on top-brand laptops from the likes of Lenovo, Toshiba, Asus, and more — it appears sound.

Still, the researchers say Face ID is weaker than Apple claims:

You can try it out with your own iPhone X, the phone shall recognize you even when you cover a half of your face. It means the recognition mechanism is not as strict as you think, Apple seems to rely too much on Face ID's AI. We just need a half face to create the mask. It was even simpler than we ourselves had thought.

I tried covering half my face (both sides), and then only my eyes, only my mouth, and then placed my hand spread open on my face, and I couldn't get Face ID to unlock on my own iPhone X. That's how it should work.  

Face ID, like the face recognition technology on other phones, requires a person's eyes to be open in order to work. So if someone points your iPhone X at your face while you're sleeping it won't unlock.

However, while requiring your eyes to be open is one way to check against fakes, it's not a way to verify the face it's looking at is really alive. One way Apple could make Face ID just a smidgen more secure is to require a blink during the face detection process. Android introduced this blink check on Android 4.0 in 2011 after hackers cracked its face unlock feature.

Biometric security in our smartphones has improved significantly over the last few years. Though this Face ID hack looks terrifying, it's just as complex and time-consuming as recreating a mold of your fingerprint to fool Touch ID.

Unless you're holding the codes to nuclear codes (in which case you probably wouldn't even be allowed to use this tech) or have something in your device that's totally worth stealing, the amount of work required for this hack isn't going to produce a valuable return for hackers.

In any case, should you elect to not use Face ID as your main method of security for your iPhone X, make sure you have a really strong 6-digit or alphanumeric passcode in place (never just use four digits). Hackers could always try to brute force their way into your phone using software, but barring that, they can't obtain a code that's stored in the only impenetrable place in the world: your mind.

Prynt Pocket Prints Your Android Phone Photos Directly

(Source: Prynt)

Prynt originally released an add-on device that allowed users to convert their phone into a Polaroid camera, back in 2015. The original design was bulky and was quickly followed by another device that was half in size from the original and was known as the Prynt pocket. Initially, it only came out for the iPhone but an Android version has now been released as well.

The device is pretty useful and does exactly what it claims to do. It allows the phone to directly dock into the unit and turns it into a polaroid. This is a cause to celebrate for the Android users who are Polaroid fans but they need to hold their horses. The Prynt pocket comes with a USB-C connection so people with older model Android phones won’t be getting to enjoy its benefits just yet.

(Source: Prynt)

The Prynt pocket uses sticker paper and has the ability to print 20 photos on a single charge. The device uses ZINK ink-free thermal printing technology so you have no choice but to use the proprietary printing paper from the company.

One exciting feature of the new device is that it incorporates augmented reality. Using the app you can make a small video form which a still image is generated and printed. When the photo is later viewed through the app, it comes alive with the moving video.

(Source: Prynt)

The basic function of the Prynt pocket is to make sure it prints out Polaroid sticker photos from your phone and it does a good job with that. The device is being launched through Kickstarter currently with a starting price of $119. Even the company has already manufactured a few models, the delivery does not start until April. They are trying to be completely sure that it runs without a hitch.

You can take a look at the device in the video below:

10-year-old unlocks mom's iPhone X with his face, dabs in celebration

Apple's Face ID just got dabbed on by a pre-teen. 

The iPhone X's new biometric security system has been put to the test in all manner of ways since it debuted to the Apple-loving public earlier this month. In many of these trials, the new facial-recognition tech stands strong — but family members who share the same features have sometimes been able to circumvent the system. 

That's the case in a YouTube clip spotted by Wired that might give paranoid parents some concerns about Apple's new security feature.  

The vid shows ten-year-old Ammar Malik unlocking his mother Sana Sherwani's new iPhone X, easily passing the Face ID barrier that Apple claims offers users a 1 in 1,000,000 chance that someone else in the general population will be able to break through. Ammar is clearly that minute exception to the rule in this case, so he celebrates accordingly with a strong dab as any self-respecting 10-year-old would. 

Ammar was also able to unlock his father Attaulluh Malik's device once, too, but has been stymied in every other attempt. The family told Wired that Sherwani was only able to bar her son from her phone after she re-scanned her face in better light conditions — but after a few more tries, it seemed like the phone's AI system had adapted to the boy's features, consistently giving him access again. 

The boy's father published a LinkedIn postabout the family's ordeal. Malik notes that the iPhone X's biggest security issue comes when a malicious party gains physical access to the device, which makes more sophisticated hacks depending onsketchy masks less likely to be a concern for everyday users. Having a kid with an in-app purchase addiction and a fast track into their parent's phone, however, could actually become a problem. 

Apple didn't respond to specific questions about the potential vulnerability, but a rep pointed us to an article on the company's support page about Face ID. The "security safeguards" section acknowledges the system's issues with family members: 

The statistical probability is different for twins and siblings that look like you and among children under the age of 13, because their distinct facial features may not have fully developed. If you're concerned about this, we recommend using a passcode to authenticate.

That statement isn't exactly reassuring for parents worried about their iPhone's security from their own kids, which is probably the one scenario where it's not unreasonable to expect outside attempts at access won't be the result of rare (and illegal) circumstances like theft. For now, concerned iPhone X-owning parents need to do three things: test your Face ID system with your kids, make some strict rules, and, if you really don't trust your progeny, set up a PIN code.   

How to track my child’s cell phone location without him knowing

Children living in the modern world are exposed to many risks, thankfully, we have technologies that can be leveraged to ease the minds of parents. A cell phone can be a great tool to track the location of your child at all times and letting parents stand a better chance of protecting them from harm. Here are some of the features that the best spy apps apply to help parentstrack someone’s cell phone location without them knowing .

Geo-tracking: With such a feature, you can get real time updates of your child’s whereabouts. This way, you will know if they take detours of places you haven’t authorized.

Geo-fencing: This function lets you set a perimeter in a certain location; you will get alerts if your child leaves or enters that set boundary.

Stealth camera: Sometimes all you need to better understand the risk of a certain location is a photograph, this feature uses your child’s cell phone to take pictures of the surrounding. Videos can be recorded as well.

Ambient listening: Let’s say the cell phone is already in your child’s pocket so you cannot take stealth pictures. Ambient listening will activate the device’s microphones for you to listen to the conversations going on in the surrounding.

Call recording and intercepting: Speaking of listening, sometimes all you need totrack someone’s cell phone location without them knowing is intercepting a call of them talking about where they are going. With call recording, conversations are recorded and the parent can listen to them later. On the other hand, intercepting lets you into a live on-going conversation as a silent third party. Messages and social media conversations can be read as well.

Time restrictions: Sometimes the location of your child calls for total attention, for instance, in a library room or class room, at this time, you can restrict the usage of your child’s phone to a certain duration depending on their class/study time table.

Blocking: In the modern world, your location is not determined only by your physical coordinates, the internet has made it possible to travel to far and risky places at the comfort of our homes. You can now block access of certain apps, websites and contacts that can take your child to a mindset you do not condone.

So do not gamble with your child’s safety, select one of the best spy apps with the above features and instantly start to keep track of your loved one’s location and actively get involved with their safety.

This Weird Hack Can Give You Gigabytes Of Free Space On Your iPhone

(Source: Boredom Therapy)

Apple fans are loyal and stick to the new version of iPhone year after year. Still, they do have their fair share of complaints. One of these biggest complaints has been the issue of iPhone storage. Never having enough space whenever you need to capture a moment or make a video. The Apple users can rest easy and no longer have to worry about the storage issue on their phones with this simple hack.

The error we are so used to seeing:

(Source: Boredom Therapy)

We’ve wanted to do this a number of times over the years.

(Source: Boredom Therapy)

That time is long gone. You can follow this useful trick to free up space but first, you need to have a few Mbs of space available on your phone. You can check the remaining storage by going into your settings. Tap “General” and then go into “Storage & iCloud Usage”. You will see something like this.

(Source: Boredom Therapy)

Now that you have a few Mbs of space, the next step is to open your iTunes application and find the longest movie you can find. The longer the better. Once you’ve found it, press rent. Not to be alarmed, you won’t have to pay for it as you don’t have the storage to download such a movie. A notification will pop up, informing you of low storage. At this point, you need to go to the settings from the popup notification box and see the magic happen.

(Source: Boredom Therapy)

Once you’re in the settings, go to the screen where you can check the total and available storage. You will see that trying to download such a large file will have cleared up the cache and space you never knew you had on your phone will be available to you.

(Source: Boredom Therapy)

You can repeat this technique a number of times until the phone’s cache is completely cleared. Follow the simple steps never to have problems with your iPhone storage ever again

The FBI can't figure out how to unlock the Texas church shooter's iPhone, and Apple has offered help (AAPL)

Another battle is brewing between FBI and Apple.

Apple CEO Tim Cook  (Getty/Justin Sullivan)

• The FBI says it can't access data on a phone used by Devin Patrick Kelley, the gunman who killed 26 people on Sunday at a rural Texas church.
• Apple said that it contacted the FBI but it has not yet received a request for technical assistance.

Another fight between Apple and the FBI is brewing, this time over an iPhone reportedly used by Devin Patrick Kelly, the man who went on a shooting rampage on Sunday killing 26 people at a church in Sutherland Springs, Texas.

In a press conference on Tuesday, the FBI said that it hadn't been able to access data on a phone used by the gunman. The Washington Post identified the phone as an iPhone.

"They're in the process of looking at the phone," Christopher Combs, the special agent leading the investigation into the shooting, told reporters on Tuesday. "Unfortunately, at this time, we are unable to get into that phone."

Combs' comments suggest that critical clues to Kelley's motivations or potential co-conspirators remain inaccessible on his device without knowing the password.

Apple told Business Insider that it reached out to the FBI after it saw the press conference on Tuesday.

"Our team immediately reached out to the FBI after learning from their press conference on Tuesday that investigators were trying to access a mobile phone. We offered assistance and said we would expedite our response to any legal process they send us," an Apple spokesperson said in a statement.

"We work with law enforcement every day. We offer training to thousands of agents so they understand our devices and how they can quickly request information from Apple," it continued.

The fingerprint sensor might still have been able to unlock the phone after Kelley's death

null  (Flickr/Kārlis Dambrāns)

The Apple spokesperson went on to confirm that law enforcement had not yet asked for any help from Apple accessing data off of Kelley's phone.

The implication is that had law enforcement contacted Apple sooner, it would have received tips and guidance that could have helped it preserve access to the data on Kelley's phone.

For example, as a security measure, the fingerprint sensor on iPhones won't work if the user hasn't used it in the last 48 hours. That suggests that for the two days after the rampage and after Kelley's death, but before the press conference, law enforcement could have used Kelley's actual finger or a copy of his fingerprint to access his phone.

Echoes of the San Bernardino showdown

The episode mirrors a fraught situation in 2016 when Apple and the FBI publicly clashed over access to an iPhone used by Syed Farook, a terrorist associated with an attack in San Bernardino.

At the time, Apple went public to fight a court ruling that ordered it to assist the FBI in bypassing critical security features on the device. But the FBI later announced that it was able to access the data on its own and dropped the court fight.

FBI officials have called for companies like Apple to build "back doors" into their technology — special ways for law enforcement to read messages and other data off of commercial smartphones.

A spokesperson for the FBI did not immediately return a request for comment outside of business hours