Cyanogen Inc aims to fix recently discovered OpenSSL vulnerabilities before OnePlus One launch


Cyanogen Inc

The saga of OnePlus and their supposed flagship killer continues to spiral into odd corners of the Internet with the most recent murmurs coming from OnePlus themselves, announcing yet another delay. Lucky users recently received an email from OnePlus stating that they were now able to purchase the OnePlus One, however the exact ship date was unknown due to “perfecting some final issues” in their software. While this sure sounds like software is to blame, Cyanogen Inc’s Abhisek Devkota took to Reddit to set the record straight.

On June 5th, an OpenSSL security bulletin was posted, alerting the world that multiple vulnerabilities had been discovered in their software. An attacker could use these exploits to decrypt and listen in on traffic between clients and servers (man-in-the-middle), another exploit could allow denial of service attacks, another vulnerability could allow a hacker to run code on an exploitable device, and the list goes on and on.

Seeing as CyanogenMod includes major features to protect the privacy and security of their users, such as Privacy Guard and WhisperPush, Cyanogen Inc decided to include the patches and corrections for those vulnerabilities to uphold their stance on these matters. As a result, the final firmware needed to go through the quality assurance and certification process again. This was most likely a tough decision to purposefully delay a product that that Cyanogen Inc has been working on for such a long time, however protecting their end users from known vulnerabilities, that they are able to fix, is more important and the right course of action.

So, hold your pitchforks. Blaming Cyanogen Inc for the OnePlus One delay is actually a good thing. The real question we should be asking ourselves is, why did OnePlus elude to software issues, using CyanogenMod 11S as a scapegoat for their production woes? While they didn’t come out and say Cyanogen Inc was to blame, they left their official stance on the issue wide open to interpretation and didn’t comment on countless CyanogenMod delay rage posts that cluttered their official forums.


In the future I hope that OnePlus and Cyanogen Inc can work more closely together to report issues like these before they turn into this unneeded shitstorm. With more transparency, everyone wins.

Source: Reddit

Derek Ross
I'm a passionate Android enthusiast that's on the pulse of the latest Android news, writing about Android as often as possible. I'm also a little addicted to social networking. Hit me up, I'd love to chat.

Google Glass update transfers photos to your smartphone and brings new Google Now cards

Previous article

Amazon launches music streaming service for Prime subscribers

Next article

You may also like


  1. Ok this is actually pretty awesome of them. Big OEMs would have shipped as-is and patched later. They’re being pretty transparent and we should start to cut them some slack!

    1. Agreed. Let’s wait and see how long it takes for Android 4.4.3 to roll out to the OnePlus One before web bring out our pitchforks.

      1. I’m guessing around 3 months. I wonder if they have the infrastructure set up to efficiently roll out OTA updates yet.

        Edit: I guess they already rolled out some updates to the first 100 contest winners.

    2. And why do they do that? Because in business, missing target dates costs you more customers than hitting those dates and fixing later. Even when its absolutely necessary for something like a safety issue, people always remember the delay, not the reason.

      Think about the last time you were sitting for hours in an airport terminal? Did you feel thankful that the safety procedures were followed or were you just annoyed that you had to wait around for your plane?

    3. lol, to me it’s just excuses because they probably don’t even have the hardware ready out of the factory!

  2. despite this little set back they’re still on track for end of june availability. some have reported oneplus online support saying their ordered phones will ship friday. don’t know if that’s for everyone or for certain countries however.

  3. Any word on your OPO yet Derek?

    1. I gave my invite away to a friend. The invite was for 64gb version only. I had wanted the 16gb version. At this point in the game honestly I don’t want to spend money on this phone. I had wanted it badly a month ago… now I’m willing to wait 2 or 3 more months for a follow up to the Moto X. I’m sitting happily with Android 4.4.3 and as a fanboy, it’s hard to downgrade.

      1. You bailed on the Find 7?

        1. He bailed on the oneplus one (the topic of this article…)

          1. *yawn* he did a review on the Find 7 and was using it as a daily.

          2. Correct! I loved the hardware but ultimately the software made me leave it. I’m a stock Android kind of guy. Even with with CM11S ROM for it, there was a bug or two (because it was a port) that I didn’t want to deal with anymore.

          3. Oh yeah I’d forgotten about that. My bad for thinking you were an idiot. :)

        2. Still have the Find 7a. I’m running an OmniROM build on it for kicks right now. I used it for about a month and a half before going back to my Moto X.

      2. VERY COOL of you to pass the invite along!

  4. Is Cyanogen Inc building a “separation kernel” into its OS for the OnePlus One?

  5. phones are now starting to ship out

    1. Source?

      1. Some people who bought the phone got shipping notices. It’s on their forum right now.

        1. Correct. I’ve seen a few of my friends post notifications.

  6. They just want to make up excuses to buy themselves time before all the invitation quantity of hardware comes out from the factory, LOL~ like 1000 units? hahahh

Leave a reply

Your email address will not be published. Required fields are marked *

More in Handsets