Why does the OnePlus 3T’s Oreo beta send clipboard data to a server?



Update (01/12): Questions have been lifted about OnePlus tactics the moment far more yesterday when it came to mild that a single of its applications was speaking with an Alibaba-owned server. Reddit customers have given that been digging into the claims and have presented some thoughts on the doable causes for the event.

how to hack wifi password using android phone without root

Using a tool called mitmproxy, a Redditor was ready to just take a appear almost everything being transferred from their OnePlus 3 mobile phone when utilizing the clipboard to support make some guesses about what it is for.

Critically, it seems that there is no sensitive information being sent to the Alibaba server, but in its place, the communication would seem to relate to a “Smart Clipboard” function that would support preserve time when undertaking selected actions. Similar to how the Google Translate app’s “tap to translate” function functions, this process could support preserve time if it acknowledged a URL, or specific e-commerce content, experienced been copied.

Seemingly, TaoBao—an Alibaba-owned organization which operates a Chinese keep comparable to Amazon’s—can make use of this e-commerce information copied in messages (perhaps when a person shares a hyperlink to the Taobao web site in a chat app). This is why it would have at first been included in the HydrogenOS (Chinese) OnePlus functioning method, pinging the Alibaba server when one thing is copied.

We’re nonetheless mild on information about specifically what this is used for, nonetheless. While the Good Clipboard function is stated to be a time-saver, Taobao’s usage of it may possibly not relate to relieve of use on the customers section, but could be of a far more self-serving character. OnePlus actually could have been far more apparent in its original clarification on this.


Unique coverage (01/11): A person that goes by the title of v1nc not too long ago posted on the OnePlus forums to say that a new method app was exhibiting odd behavior all through the OnePlus 3T Oreo beta. Typically this wouldn’t be news, due to the fact it is a beta, soon after all, and the app doesn’t exist in stable builds of OxygenOS. But, in accordance to v1nc, the app named “com.oneplus.clipboard” tried to entry the network to converse with an outdoors server. The IP address points to an Alibaba-owned server.

Android Police reached out to OnePlus for a statement. This is what it experienced to say:

Our OnePlus beta software is created to exam new options with a variety of our local community. This unique function was meant for HydrogenOS, our functioning method for the China sector. We will be updating our world OxygenOS beta to remove this function.

According to that representative, the information was not saved “on any server.” They also claimed that “this function is not unusual for China customers.”

This statement leaves us with pretty much as lots of thoughts as when we begun. What was Alibaba undertaking with that information? If the organization is going to the hassle of harvesting clipboard information, why wasn’t it being saved?  If the “feature” is only for HydrogenOS builds, how did it finish up in an OxygenOS beta create just soon after the December safety update was utilized?

These are all thoughts that have answers, and we really feel like OnePlus must be far more transparent with its local community on this situation. Correct now, we have no thought what form of impression offering this form of information has.  This situation could be (and in all probability is) a big nothingburger. But due to the fact OnePlus received caught undertaking it and produced a vague statement, it is lifted considerations.

Leave a Reply