After getting the crash issue resolved (it is now fixed), I tested this to see how it behaves by using PCAPdroid. I also attempted to decrypt the traffic, to see what it sends.
This is the traffic analysis:
Type
Port
IP version
Size
Status
DNS
53
IPv4
Random >120 B
Closed (Good)
TLS
443
IPv6
120 B
Unreachable
HTTPS
443
IPv4
Usually 2.4 KB
Error (Did not trust my decryption certificate)
It sends to a random list of hosts, all of which are listed here:
I was about to make a pull request to expand the list to the top 109 websites, but the developer blocked me from all interactions because I “spammed too many issues” (I opened 5 and they were all legitimate). Buggy software gets multiple bug reports, what a surprise… The software (or at least the idea) has a lot of potential, but a lot of work and care needs to be put into it.
Only two of your five issues were bug reports, one of which was not really useful - various android makes have their own optimizations that can kill the app in the background, there’s very little devs can do to stop this.
After getting the crash issue resolved (it is now fixed), I tested this to see how it behaves by using PCAPdroid. I also attempted to decrypt the traffic, to see what it sends.
This is the traffic analysis:
It sends to a random list of hosts, all of which are listed here:
https://4chan.org
https://www.reddit.com
https://www.yahoo.com
https://www.cnn.com
https://pornhub.com
https://www.ebay.com
https://wikipedia.org
https://youtube.com
https://github.com
https://medium.com
https://thepiratebay.org
After digging through the code, here is the file with a list of hosts. It also seems to randomly generate user agents, which is good.
The developer blocked me from opening issues on all of his projects.
now that i see that list, the app became a lot less interesting :/
i used to use a firefox addOn that had the same function, but it created noise by “clicking” on random links starting from a user defined page
I was about to make a pull request to expand the list to the top 109 websites, but the developer blocked me from all interactions because I “spammed too many issues” (I opened 5 and they were all legitimate). Buggy software gets multiple bug reports, what a surprise… The software (or at least the idea) has a lot of potential, but a lot of work and care needs to be put into it.
Only two of your five issues were bug reports, one of which was not really useful - various android makes have their own optimizations that can kill the app in the background, there’s very little devs can do to stop this.
Mullvad VPN has DAITA which does something similar but more legit
Maybe you need 2FA on your GitHub account before you can do that. GitHub has made it a requirement for almost all the “dev” stuff.