
5.1.2 Minimum settings in practice

Which connections do the devices establish despite the minimum settings described above? This question was answered in practical tests of the four operating systems. The examinations therefore consider connections which the device establishes after switching on for the first time despite minimum settings. The smartphones connect to the Internet via WLAN.

The following section summarizes the results of the practical tests and highlights important findings. This is followed by a section for each operating system in which the individual results are described in detail.

Summary of results

For each of the four operating systems, the following properties of the connections were documented and examined within a period of 23 hours after setting up:

  • Destination address: The address of the remote station was examined for each connection of the terminal device. This is initially available as an IP address. An attempt was then made to assign a meaningful host name to this IP address.
  • Amount of data exchanged: For each connection, the total amount of data exchanged and the amount of data sent by the device were documented and examined.
  • Duration of the connection: For each connection, the duration was documented and examined.
  • Contained plain text information: For each connection, the transmitted data was traced on the basis of the data packets and examined for legible information.
  • Encryption: For each connection it was checked whether a transport encryption, e.g. TLS1), was used.
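The following added example (not code from the study) shows one way to derive these properties from per-connection records: a TLS check on the first client bytes, extraction of legible strings from cleartext connections, and a summary row. The record layout, the `.example` host names and the addresses are constructed assumptions.

```python
import re
from collections import namedtuple

# One record per TCP connection (hypothetical layout; times in seconds).
Conn = namedtuple("Conn", "dst_ip host start end sent received first_payload")

def is_tls(payload: bytes) -> bool:
    """True if the first client bytes look like a TLS ClientHello record."""
    # Record header: type 0x16 (handshake), version 0x03 0x00-0x04, 2-byte length.
    return (len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03
            and payload[2] <= 0x04 and payload[5] == 0x01)  # 0x01 = ClientHello

def legible_strings(payload: bytes, min_len: int = 6) -> list:
    """Runs of printable ASCII: the legible information in a cleartext flow."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, payload)]

def summarize(conns) -> dict:
    """Aggregate the per-connection properties into one summary row."""
    longest = max(conns, key=lambda c: c.end - c.start)
    return {
        "endpoints": len({c.dst_ip for c in conns}),
        "connections": len(conns),
        "bytes_total": sum(c.sent + c.received for c in conns),
        "bytes_sent": sum(c.sent for c in conns),
        "tls": sum(is_tls(c.first_payload) for c in conns),
        "longest_host": longest.host,
        "longest_seconds": longest.end - longest.start,
        "cleartext": {c.host: legible_strings(c.first_payload)
                      for c in conns if not is_tls(c.first_payload)},
    }

# Constructed sample data: a zero-filled ClientHello and three connections.
CLIENT_HELLO = bytes.fromhex("160301002f0100002b0303") + bytes(41)
SAMPLE = [
    Conn("192.0.2.10", "push.example", 5, 82000, 4200, 9100, CLIENT_HELLO),
    Conn("192.0.2.10", "push.example", 90, 95, 300, 700, CLIENT_HELLO),
    Conn("198.51.100.7", "ads.example", 12, 40, 512, 2048,
         b"GET /pagead/conversion/ HTTP/1.1\r\nHost: ads.example\r\n\r\n"),
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Checking the payload rather than the port avoids counting cleartext traffic on port 443, or TLS on a non-standard port, in the wrong column.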

Table 5.1 summarizes the test results. Android and iOS have a very high data volume of 10.89 MB and 68.19 MB, which is due to operating system updates. As part of such an examination of network traffic, updates of individual apps or the operating system can always occur.

Table 5.1: Summary of test results with minimal settings

For the evaluation of whether - and, if so, which - private data leaves the phone, the pure data volume is not decisive. Therefore, all individual connections were examined in this study. The most important results are summarized below.

  • COMMUNICATION WITH THE MANUFACTURER All four operating systems communicate with endpoints that can be assigned to the respective manufacturer of the operating system.
  • ENCRYPTED COMMUNICATION All four operating systems use TLS for some of the established connections to encrypt the data transmission. For these connections, it is not possible to determine within the framework of the tests carried out which data was transmitted by the end devices.
  • CONTINUOUS CONNECTIONS Shortly after the device was connected to the Internet, Android and iOS established connections that were maintained for almost the entire test period. In the case of iOS, this was the basic service Apple Push Notification Service (APNS). This service is used to receive push messages. With regard to Android, there was an ongoing connection with mtalk.google.com, a service that is used, among other things, to provide video and chat functions (e.g. Google+ Hangouts). Shortly after the start, BlackBerry OS also establishes a connection to a BlackBerry server, which remains active for almost the entire measurement period. The purpose of this connection, however, remained unclear.
  • ADVERTISING SERVICES Only for Android could it be observed that communication was carried out with an endpoint for advertising purposes. The end point of this conversation can be assigned to DoubleClick, a company in the Google group.
  • POSITIONING UPDATE Android and BlackBerry OS establish a connection to xtra1.gpsonextra.net or to xtra3.gpsonextra.net. This host transmits data to the end devices that improves position determination via GPS on the devices. In short, it is an update for the basic positioning service.
  • CONTENT DELIVERY NETWORKS (CDN) All four operating systems establish connections with so-called content delivery networks (CDN). A CDN is a distributed architecture for delivering data over the Internet. Videos, for example, are stored in different data centers in abbreviated form, and the cheapest storage location is always selected when a user makes a request, e.g. based on the geographical proximity between the user and the video. In this way, the quality of service, e.g. for smooth video streaming, can be greatly improved. CDNs are also useful for providing operating system updates.
  • LOCATION AND AVAILABLE WLANS One abnormality could be observed with Windows Phone: it established connections with an endpoint that offers services for location determination. However, due to the encryption used, it was not possible to determine which data was transmitted. The host name (inference.location.live.net) as well as incidents that have become known2) suggest that this is a service for determining the location. According to Microsoft, this service will collect cellular information as well as information about wireless networks in range. If this data is actually recorded and sent, this contradicts the minimum settings selected in the test, for which the option "Back up WiFi connection data to detect WiFi in the area" was explicitly deactivated.

Individual results of the operating systems

The following sections provide a detailed overview of the main results of the investigation of the individual operating systems.

Android

Overall, the device communicated with 22 endpoints (IP addresses) and established 97 connections, in which 10.89 megabytes of data were exchanged. More information about the conversations and connections:

  • The transport channel is encrypted with TLS for 13 of the 97 connections.
  • 20 of the 22 endpoints have IP addresses that are registered to Google.
  • 1 of the 22 endpoints has an IP address that is registered to Peer1hosting3).
  • 1 of the 22 endpoints has an IP address that is registered to Hetzner Online4).
  • The longest connection (consisting of several conversations) is with the URL mobile-gtalk.I.google.com (see below for more information), lasts almost 23 hours and starts within ten seconds after the device connects to the Internet.

The following is noticeable in the connections examined:
Just a few seconds after the device is connected, a connection is established to a server whose host name is mobile-gtalk.I.google.com and which can be reached under the URL mtalk.google.com. This service was previously part of the Google Talk client, i.e. the voice and chat service that was replaced by Google+ Hangouts in 2013. This connection is established without the device being linked to a Google account.

Immediately after connecting to the Internet, contact is established with a server whose host name is xtra3.gpsonextra.net. The address gpsonextra.net is registered to the company Qualcomm, the manufacturer of the radio chip built into the device. The aim of this conversation is to transmit data to the end device in order to improve position determination via GPS; this data exchange is not used to determine the position of the device.

Immediately after establishing a connection to the Internet, the device also establishes a connection with a server whose host name is www.googleadservices.com and which can be reached under the URL http://www.google.com/doubleclick/. DoubleClick is a company in the Google group that provides advertising technology5). This connection was maintained for more than eleven hours. The connection establishment contains a request that apparently asks for a certain advertising metric for the pre-installed YouTube app (/pagead/conversion/).

BlackBerry OS

Overall, the device communicated with 20 endpoints (IP addresses) and established 296 connections, in which 1.28 megabytes of data were exchanged.

  • 10 of the 296 connections were encrypted with TLS.
  • 15 out of 20 endpoints have IP addresses registered to BlackBerry.
  • 2 out of 20 endpoints have IP addresses registered to Akamai (CDN provider).
  • 1 out of 20 endpoints has an IP address that is registered to Google.
  • 2 out of 20 endpoints have IP addresses registered to Qualcomm.

Shortly after the connection to the WLAN is established, a connection to BlackBerry (blackberry.com) is automatically established, which is active for the entire test period.

Among the connections examined, the following should be emphasized:
Immediately after the device is connected to the Internet, a server with the address xtra3.gpsonextra.net is contacted. gpsonextra.net is registered to the company Qualcomm (manufacturer of the built-in radio chip). The aim of this conversation is to transfer data to the end device in order to improve position determination via GPS.

Two unencrypted connections are established to time.blackberry.com. BlackBerry uses these connections to synchronize its time.

An encrypted connection is established to a BlackBerry ID server, although no BlackBerry ID was set up on the phone when the test was carried out.

Two connections are established to servers with Eyeball AnyFirewall Engines. According to the product website6) 7), these are technologies for bypassing NAT firewalls, as can be found in many home networks. This enables direct connections to be established between two devices located behind such firewalls. This functionality may be required for the BlackBerry Messenger (BBM), which enables both VoIP and video telephony between different end devices.

iOS

Overall, the device communicated with 55 endpoints (IP addresses) and established 202 connections with these endpoints, in which 68.19 megabytes of data were exchanged. More information about the conversations:

  • 39 of the 55 endpoints have IP addresses that are registered with Apple.
  • 16 of the 55 endpoints have an IP address registered with Akamai.
  • 105 of the 202 connections were encrypted with TLS.
  • 97 of the 202 connections were unencrypted.

Among the connections examined, the following should be emphasized:
Throughout the test period there was a connection with mu-courier.push-apple.com.akadns.net, the APNS (Apple Push Notification Service), which is intended for receiving push notifications on the iPhone. The connection to the APNS cannot be deactivated from the iPhone, except by turning off the network connection.

The connection with wu.apple.com is unencrypted and can be traced back to the preinstalled stocks app. Background updates are enabled by default for the stocks app. However, this can be turned off in the system settings. From the conversation you can see which data is being queried, i.e. which stocks are of interest to the user.

Windows Phone

Overall, the device communicated with 25 endpoints (IP addresses) and established 69 connections, in which 1.76 megabytes of data were exchanged. More information about the conversations and connections:

  • For 31 of the 69 connections, the transport channel is encrypted with TLS.
  • 12 of the 25 endpoints have an IP address that is registered with Microsoft.
  • 6 of the 25 endpoints have an IP address registered with Akamai.
  • The remaining 7 IP addresses of the total of 25 conversations are distributed among Deutsche Telekom, EdgeCast Networks (CDN, belongs to Verizon), Nebula (Finnish Internet provider), Verizon and Internet Assigned Numbers Authority (IANA) 8).
  • The longest conversation is with the host mscrl.microsoft.com under the URL cs1.wpc.v0cdn.net (see below for more information), takes about 14 hours and starts within 90 seconds after the device is connected to the Internet. Based on the host name, it can be deduced that this is a service that regularly updates the Certificate Revocation List (CRL) [10]. The list contains certificates that are no longer valid and the reason for the invalidation. Certificates are used, among other things, to authenticate communication partners, e.g. web servers.

Among the connections examined, the following stand out:
About 13 hours after the device is connected to the Internet, an encrypted connection is established to the host inference.location.live.net under the URL inference.location.glbdns2.microsoft.com. Due to the encryption, the transmitted data cannot be read. However, the host name and various reports9) about the recording of location data indicate that this is a service for location determination. According to Microsoft, this service collects cellular information as well as information about wireless networks within range. If this data is actually recorded and sent, this is in contradiction to the minimum setup selected in the test, in which the option to back up WLAN connection data in order to detect WiFi in the area was explicitly deactivated (see chapter 5.1.1, section Windows Phone).

About an hour after it was connected to the Internet, the device also establishes a connection with the host statsfe2.update.microsoft.com. The device then transmits the following information to the host, among other things: a (presumably) unique ID for the device, time stamp of the report, device type, operating system version and compatible processor architecture. The collection of this information is consistent with the information in the terms of use on the collection of so-called "standard information" about the device (see section Windows Phone in Chapter 5.6).

Immediately after the device is connected to the Internet, an encrypted connection is also established to a server whose host name is api.live.net. With the appropriate authorization, web services can use this address to access all data associated with a Microsoft account. The programming interface (API) is called much earlier than the point during setup at which the user is asked to link the device to a Microsoft account.

  1. Transport Layer Security (TLS) is a cryptographic protocol that is used to secure communication connections on the Internet, e.g. when accessing online banking pages.
  2. For more information see http://www.cnet.com/news/microsofts-webmap-exposes-phone-pc-locations/ (last accessed on July 29, 2014).
  3. http://www.peer1hosting.co.uk/ (last accessed on July 29, 2014).
  4. http://www.hetzner.de/ (last accessed on July 29, 2014).
  5. For more information see http://www.google.com/doubleclick/ (last accessed on July 29, 2014).
  6. http://www.eyeball.com/products/stun-turn-ice-library/ (last accessed on July 29, 2014).
  7. http://www.eyeball.com/nat-traversal/ (last accessed on July 29, 2014).
  8. IANA is a US company that is responsible for assigning IP addresses on the Internet, among other things. For more information see https://www.iana.org/ (last accessed on July 29, 2014).
  9. See e.g. http://www.cnet.com/news/microsofts-web-map-exposesphone-pc-locations/ (last accessed on July 29, 2014).