The president of Edge Security, Jason Donenfeld, showed in his Twitter account how he managed to hack the OnePlus 6 smartphone connected to his computer in less than a minute. The manufacturer has already recognized the security hole and promised to fix it.
As shown by Jason, for hacking OnePlus 6 enough to connect the smartphone to a computer with ADB. The debug bridge allows loading any image of the system through the fastboot boot image.img command, bypassing the bootloader’s “wall”. Thus, an attacker can gain root access to the device and, therefore, see all user data. To do this, Donenfeld did not even need an activated USB paging function. The method described by President Edge Security tested the editorial staff of the authoritative Android Police portal and confirmed its reliability.
The #OnePlus6 allows booting arbitrary images with `fastboot boot image.img`, even when the bootloader is completely locked and in secure mode. pic.twitter.com/MaP0bgEXXd
— Edge Security (@EdgeSecurity) June 9, 2018
This is not the first time that the safety of OnePlus smartphones is being questioned.
Having physical access to OnePlus 6, an attacker can bypass protection of a smartphone and otherwise: using the owner’s face photo, if the device is activated unlocking on the face. This was found out in late May, a Twitter user under the nickname @rikvduijn shortly after the purchase of the flagship from the Chinese company.
For more stuff visit our site techverses.com and discover what you want.
