As reported on XDA Developers, and first noticed by researcher Jason Donenfeld of Edge Security, the bootloader on the OnePlus 6 isn't as locked down as it should be - that's the part of the phone's built-in firmware that stops you replacing the OnePlus OS with whatever else you want to install instead.
To take advantage of the vulnerability, a hacker needs to not only have physical access to your OnePlus 6, he also has to have your phone hooked up with a PC.
The phone maker has confirmed in a statement that a fix for the bug is going to be rolling out shortly, but until then don't let your OnePlus 6 out of your sight. The flaw makes it possible for someone to boot arbitrary or modified images - even if the bootloader is locked. Even crazier, as you can see from the video below, USB debugging doesn't need to be turned on.
Android Police verified the vulnerability and was able to boot TWRP on its bootloader-locked OnePlus 6. That is usually a requirement when it comes to messing around with your smartphone. Of course, these two things are in completely different realms as OnePlus warns users that face unlock is less secure than other security measures while the ability to bypass a locked bootloader is a system-level vulnerability.
The OnePlus 6 might be the ideal Pixel alternative, but it also features a serious security flaw that thankfully will be fixed in a software update, reported XDA Developers.
With no special requirements beyond having physical access to the device so it can be hooked up to a PC, is this something that OnePlus 6 owners should be anxious about? From there, it is a simple matter of restarting the handset in Fastboot and loading the modified image.
- Messi: Barca need Griezmann for Champions League
- China’s Trade Surplus With US Widens
- 'Goldbergs' Star Jackson O'Dell Dead at 20
- You may soon be using Android Messages on your Chromebook
- Peter Navarro says 'there's a special place in hell' for Justin Trudeau
- Plastic straws will soon no longer be served at A&W Restaurants
- Horn Talks Being Champion & Underdog
- Jacqueline Fernandez suffers permanent eye injury
- Tel Aviv Pride Parade 2018 expects record number of people
- Trump says National Basketball Association champs won't get invite