I have always suspected my phone communicating without my knowledge. Sometimes, it is pretty obvious that large amount of data is being transferred other times a little bit of hellos.
Since I do not synchronize my phone online, or automatically check for updates, this is kind of worrying.
Installing some apps to monitor data usage did not help much as it only showed which apps have consumed how much of the data. What I want is which app is sending out and downloading data.
tPacketCapture is one app that was a bit of a help allowing to capture data flowing through my phone just like wireshark.
I stopped pretty much all the applications that I knew had to communicate with their servers, such as viber, whatsapp and facebook etc and captured some data for about 15 minutes.
I found out that my phone is receiving packets intended for other systems, just like a computer would.
It is also communicating with an ip 74.125.136.101 (Google) exchanging ACK and FIN packets over HTTPS.
There was data going through TSLV1 protocol to 173.194.79.221 (to Google).
At another time logging packets, that is without turning off all the apps on my phone, showed
Data over HTTPS to Google on these ip addresses
- 173.194.65.94
- 173.194.65.120
- 173.194.65.95 - TSLV1 protocol - Application Data
- 74.125.136.101
- 74.125.136.103
- 74.125.136.188
TCP Hpvroom data with Google:
- 175.158.4.76
- 175.158.4.78
Data sent to 175.158.4.76 (NAVER - South Korea, because of the app LINE) I have uninstalled LINE since there was no way of closing it and the app would start on its own once "Force Stopped".
I yet have to find what data is being shared with Google and why.
Since I do not synchronize my phone online, or automatically check for updates, this is kind of worrying.
Installing some apps to monitor data usage did not help much as it only showed which apps have consumed how much of the data. What I want is which app is sending out and downloading data.
tPacketCapture is one app that was a bit of a help allowing to capture data flowing through my phone just like wireshark.
I stopped pretty much all the applications that I knew had to communicate with their servers, such as viber, whatsapp and facebook etc and captured some data for about 15 minutes.
I found out that my phone is receiving packets intended for other systems, just like a computer would.
It is also communicating with an ip 74.125.136.101 (Google) exchanging ACK and FIN packets over HTTPS.
There was data going through TSLV1 protocol to 173.194.79.221 (to Google).
At another time logging packets, that is without turning off all the apps on my phone, showed
Data over HTTPS to Google on these ip addresses
- 173.194.65.94
- 173.194.65.120
- 173.194.65.95 - TSLV1 protocol - Application Data
- 74.125.136.101
- 74.125.136.103
- 74.125.136.188
TCP Hpvroom data with Google:
- 175.158.4.76
- 175.158.4.78
Data sent to 175.158.4.76 (NAVER - South Korea, because of the app LINE) I have uninstalled LINE since there was no way of closing it and the app would start on its own once "Force Stopped".
I yet have to find what data is being shared with Google and why.
