this post was submitted on 16 Oct 2024
145 points (98.7% liked)

Privacy

31609 readers
130 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 16 points 3 weeks ago* (last edited 3 weeks ago) (2 children)

After getting the crash issue resolved (it is now fixed), I tested this to see how it behaves by using PCAPdroid. I also attempted to decrypt the traffic, to see what it sends.

This is the traffic analysis:

Type Port IP version Size Status
DNS 53 IPv4 Random >120 B Closed (Good)
TLS 443 IPv6 120 B Unreachable
HTTPS 443 IPv4 Usually 2.4 KB Error (Did not trust my decryption certificate)

It sends to a random list of hosts, all of which are listed here:

https://4chan.org

https://www.reddit.com

https://www.yahoo.com

https://www.cnn.com

https://pornhub.com

https://www.ebay.com

https://wikipedia.org

https://youtube.com

https://github.com

https://medium.com

https://thepiratebay.org

After digging through the code, here is the file with a list of hosts. It also seems to randomly generate user agents, which is good.

The developer blocked me from opening issues on all of his projects.

[–] [email protected] 11 points 3 weeks ago (2 children)

now that i see that list, the app became a lot less interesting :/

i used to use a firefox addOn that had the same function, but it created noise by "clicking" on random links starting from a user defined page

[–] [email protected] 5 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

I was about to make a pull request to expand the list to the top 109 websites, but the developer blocked me from all interactions because I "spammed too many issues" (I opened 5 and they were all legitimate). Buggy software gets multiple bug reports, what a surprise... The software (or at least the idea) has a lot of potential, but a lot of work and care needs to be put into it.

[–] [email protected] 2 points 3 weeks ago

Only two of your five issues were bug reports, one of which was not really useful - various android makes have their own optimizations that can kill the app in the background, there's very little devs can do to stop this.

[–] [email protected] 1 points 2 weeks ago

Mullvad VPN has DAITA which does something similar but more legit

[–] x00z 2 points 3 weeks ago

Maybe you need 2FA on your GitHub account before you can do that. GitHub has made it a requirement for almost all the "dev" stuff.