OnePlus pushed stable update to 8-series users on OB3, leading to a data wipe

Updates

2020/11/07 21:37 GMT:

We analyzed the APK linked below, and it looks like OnePlus' software engineering team quickly put something together that effectively cancels the pending installation after a reboot:

This means that using this APK will allow you to keep your data by not letting the system install the update in the first place. That's a hacky way to prevent a data loss.

2020/11/07 20:38 GMT:

As we were finalizing this article we noticed OnePlus just shared a solution for people having a device that installed the update but did not reboot yet: download this APK, run it (it will appear as "Keep Data" in your app drawer) and you should be able to reboot without losing your data. You're nonetheless advised to backup your data anyway.

Source: OnePlus. Original article is preserved below.

If you don't have a OnePlus 8 or 8 Pro, we apologize for this news notification. However, we think it's an important read, because OnePlus has made a very big mistake, and you should be aware of it.

For those of you who aren't familiar with the difference between stable and Open Beta, here's a quick summary:

Open Beta (1 per month)

These builds are usually promoted from the Closed Beta (CB) track - new features that have supposedly been well-tested become available to the general public in this track. This is the final "testing ground" for new OxygenOS features. Once the software engineering team is confident about these builds (or individual features within each build), they're promoted to the stable track.

Stable (1 per 1-2 months)

These builds can be considered as the most stable OxygenOS code, as well as features that have been polished after several rounds of feedback. This is the "default" track on any OnePlus phone - as long as you don't switch to either the CB or the OB track, you receive only stable track updates via OTAs.

Once you switch to another update track, you receive updates only for that track. This behaviour applies to the Oxygen Updater app, and is supposed to be on OnePlus' system updater as well. And that's exactly where they messed up — some 8-series owners on the Open Beta track reported that they received an update notification from system updater for 11.0.1.1, which is an update meant only for the stable update track. Even weirder, somehow Google OTA servers were used for global build just like for 8T, as we wrote in a previous news item. We were lucky enough to capture the OTA link for OnePlus 8 after update_engine logs were shared with us, but we are concerned that it will be difficult to support 8-series global builds in the future, as Google OTA system streams the flashable zip directly, meaning it is not saved on device itself and therefore can't be shared to us even if you opted in for contributions. The only way would be to contact us by email or Discord, as monitoring system logs isn't something an application on Play Store can do for any reason whatsoever.

Screenshot from the "OnePlus 8/8T Series - English US/EU/AUS - Off-topic/Dev Chat" Telegram group. OneNormalUsername is an Oxygen Updater team member

What's worse is that moving from beta -> stable involves a full data wipe as part of the install process, which meant users lost all their files (pictures, videos, messages, etc.). All their files, gone completely — unless they practiced the good habit of taking regular backups (either a cloud backup, or simply copying things to their PC). In a lot of cases, they even lost access to 2-Factor Authentication apps like Google Authenticator, and therefore weren't able to transfer their 2FA keys. That meant they were also locked out of several online accounts like Gmail, LinkedIn, Discord, GitHub, etc (unless of course, they had recovery codes lying around — which quite a few people did not).

Most people had the "Automatic system updates" option enabled in Developer options (standard behaviour on at least all OnePlus devices running Android Pie and up), which allowed the system to automatically install whatever update the stock OTA app was pushing out. There were people who basically came back to a fully formatted device, without even realising what, or how it happened. No warning dialog about a data wipe or anything. Some people also received an "update" to a previous build, as detailed below.

The above screenshot was sent to us by Leandro Tijink, who won the #PMChallenge in 2019. Leandro worked with OnePlus closely for OxygenOS UI/UX design. He was on Open Beta 3, and had the October security patch (2020.10). The update notification he received "updated" (read: downgraded) the Android security patch to August — that's more than a two month backlog now. So not only did this issue wipe people's data, but in Leandro's case also downgraded their security patches to an outdated one, as well as their Android version, which could have potentially bricked the device!

Both these screenshots are from the r/oneplus Discord server

OnePlus Forums are full of other people reporting this issue, and looks like they halted the 11.0.1.1 update so that they could investigate internally:

The company is suggesting users to backup data and "double-confirm if it's an Open Beta update", but this comes a little too late. Even though not all 8-series OB3 devices are affected, the damage has already been done and users' trust and reliance on this company is waning. From accidental customer email leaks, to exposing private payment and password info, OnePlus has surely had more than its share of confidence-shaking incidents.

The company has a track record of making a lot of OTA-related mistakes in the past, which is part of the reason why a lot of users rely on us (the Oxygen Updater team) to ensure their devices receive the latest & correct updates. It is utterly disappointing that a third-party app is far more competent in OTA-related matters than OnePlus themselves. In the past, OnePlus has rolled out NA/Global updates to EU users on 7T-series OB. This should never happen, because EU builds are different from global builds — likely due to EU legislature.