LightBlog

Tuesday, July 5, 2016

OnePlus Pauses OxygenOS 3.2.0 Update Rollout for OnePlus 3; Users Also Find IMEI Issues in OTA Check

OnePlus had initiated the rollout of OxygenOS 3.2.0 to the OnePlus 3, much to the delight of users, as the update fixed a lot of issues that early adopters were facing. But as it currently stands, the update has been paused.

As OnePlus states in their forum post:

Due to some reports of issues while upgrading, we are temporarily stopping the rollout to investigate. We will start back up as soon as possible.

The update was meant to reach 100% rollout in 48 hours, but has been paused after about 26 hours. It is unknown what the issue is, how many users received the update and how many of these have had “the issue”. The update is promised to be back up “as soon as possible”, but if you wish to manually flash the update, you can still find a few mirrors. Do note that flashing this particular update may involve risks (as we assume the pause in the rollout to be because of critical reasons), so make sure to have backups just in case.


Seemingly unrelated, but on a tangent nonetheless, an issue was found with how OnePlus orchestrates update checks for OTAs. As users found out on the OnePlus forums, the IMEI on the OnePlus 3 was being sent in plain text over HTTP whenever a user attempted a check for an OTA. Every time you press the “Check Update” button, a request is made to OnePlus servers which contains your IMEI in a header plainly called “imei”, and in the user agent as well. Since this request is made over HTTP and not HTTPS, anyone positioned on the network path, for instance in a MITM attack, can easily read your IMEI.

This is a glaring loophole which needs more attention from OnePlus and needs to be fixed with absolute haste. There is no confirmed correlation between the update rollout being paused and the issue being brought to light, but we hope that OnePlus fixes this issue with the highest priority.
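
As an added example (not part of the original article and not OnePlus's code), here is a check that could be run over captured proxy traffic to flag the pattern described above: a Luhn-valid 15-digit IMEI in any header of a cleartext HTTP request. The host, path, User-Agent format and IMEI value in the sample are constructed; only the “imei” header name and the User-Agent placement come from the report.

```python
import re

# Constructed sample of a cleartext OTA-check request: host, path, User-Agent
# format and the IMEI (a Luhn-valid test value) are made up for illustration.
SAMPLE_REQUEST = (
    "POST /ota/check HTTP/1.1\r\n"
    "Host: ota.example.invalid\r\n"
    "User-Agent: ExampleOTA/1.0 (ExampleDevice; 490154203237518)\r\n"
    "imei: 490154203237518\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

# Exactly 15 digits, not embedded in a longer digit run.
IMEI_CANDIDATE = re.compile(r"(?<!\d)\d{15}(?!\d)")

def luhn_ok(digits):
    """IMEIs carry a Luhn check digit; this filters out random 15-digit numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def parse_headers(raw):
    """Return [(lowercased name, value)] from the header block of a raw request."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return headers

def find_imei_leaks(raw, scheme="http"):
    """Flag headers of a cleartext request holding a Luhn-valid IMEI (masked)."""
    if scheme != "http":
        return []
    return [(name, m.group()[:8] + "*" * 7)  # mask so the report does not re-leak it
            for name, value in parse_headers(raw)
            for m in IMEI_CANDIDATE.finditer(value)
            if luhn_ok(m.group())]

if __name__ == "__main__":
    for header, masked in find_imei_leaks(SAMPLE_REQUEST):
        print(f"IMEI {masked} exposed in cleartext header '{header}'")
```

The same request sent over HTTPS returns no findings here because the headers would not be readable on the wire, which is the fix the article calls for.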

What are your thoughts on the issues? Are they related by causation, or are they just a (not-so) happy coincidence? Let us know in the comments below!



from xda-developers http://ift.tt/29uslwF