Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - App "telemetry" InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

App "telemetry"

Published: 2014-07-22
Last Updated: 2014-07-22 15:39:30 UTC
by Daniel Wesemann (Version: 1)
7 comment(s)

ISC reader James had just installed "Foxit Reader" on his iPhone, and had answered "NO" to the "In order to help us improve Foxit Mobile PDF, we would like to collect anonymous usage data..." question, when he noticed his phone talking to China anyway. The connected-to site was alog.umeng.com, 211.151.151.7. Umeng is an "application telemetry" and online advertising company. Below is what was sent (some of the ids are masked or have been obfuscated)

I particularly like the "is_pirated: No". It goes well with "is_snooping: Yes" that is though missing from the exchange...

 

Keywords: foxit iPhone
7 comment(s)
Diary Archives