Hello,
I am a little lost and would greatly appreciate any help.
Recently I rooted my Nexus 4 and installed the usual apps like DroidWall, App Ops and Network Log, only to discover that my custom launcher, GO Launcher, is sending data to some Chinese servers (later I found out that they data-mine their users activity) and that my password manager is doing something similar. Talk about swallowing the red pill.
Well, I replaced Go Launcher with Nova Launcher, which did the trick. It's a great launcher and it is not as intrusive, requiring less privileges to begin with. So yes, I was stupid, learnt from my mistake and moved on (although I still am curious with what data of mine GO Launcher got away, so if anyone knows, please chime in, as this might also interest others as well, given that it is one of the most popular launcher apps in the Google Play Store).
More importantly though, I want to know what data is being sent by my password manager, SplashID (from Splash Data).
I have found that the server it is connecting to is 50.56.219.150, which according to Whois.com belongs to Rackspace Cloud Servers in Texas, USA. I assume that these are rented out to Splash Data, but that is beside the point. I bought their software (both for desktop PC and Android) in good faith and at a time when the only data transmitted was local; between my PC and my phone on my home network.
I managed to add a custom script in Droidwall to block traffic to the mentioned server, but now am interested in what exactly was being transmitted.
I looked for an app that would be similar to PC's WireShark and found Shark for Root, but have no idea how to use it and set-up its parameters. Is there a better app for this? Are there some standard parameters that I enter?
As I said, any help whatsoever would be greatly appreciated.
[Also, I wanted to add screenshots, but couldn't find a way.]
I am a little lost and would greatly appreciate any help.
Recently I rooted my Nexus 4 and installed the usual apps like DroidWall, App Ops and Network Log, only to discover that my custom launcher, GO Launcher, is sending data to some Chinese servers (later I found out that they data-mine their users activity) and that my password manager is doing something similar. Talk about swallowing the red pill.
Well, I replaced Go Launcher with Nova Launcher, which did the trick. It's a great launcher and it is not as intrusive, requiring less privileges to begin with. So yes, I was stupid, learnt from my mistake and moved on (although I still am curious with what data of mine GO Launcher got away, so if anyone knows, please chime in, as this might also interest others as well, given that it is one of the most popular launcher apps in the Google Play Store).
More importantly though, I want to know what data is being sent by my password manager, SplashID (from Splash Data).
I have found that the server it is connecting to is 50.56.219.150, which according to Whois.com belongs to Rackspace Cloud Servers in Texas, USA. I assume that these are rented out to Splash Data, but that is beside the point. I bought their software (both for desktop PC and Android) in good faith and at a time when the only data transmitted was local; between my PC and my phone on my home network.
I managed to add a custom script in Droidwall to block traffic to the mentioned server, but now am interested in what exactly was being transmitted.
I looked for an app that would be similar to PC's WireShark and found Shark for Root, but have no idea how to use it and set-up its parameters. Is there a better app for this? Are there some standard parameters that I enter?
As I said, any help whatsoever would be greatly appreciated.
[Also, I wanted to add screenshots, but couldn't find a way.]
Facebook
Twitter
Instagram