/e/OS: unwanted connections
Hello. I'm planning to write a little research article about /e/OS's privacy. I've analyzed traffic, generated by /e/OS and found some interesting requests to unknown hosts:
| DNS-name | IP-address | Protocol | Data |
|---|---|---|---|
| cloud.blazing.de | 85.220.190.246 | QUIC | Protected payload |
| app.goo.gl | 142.250.185.142 | TLS | Protected payload |
| path2.xtracloud.net | 54.70.12.181 | TLS | Protected payload |
| xtratime.xboxprod.xtracloud.net | 35.91.218.188 | QUIC | Protected payload |
This connections aren't appear, when I add my custom CA to system. All another connections decrypted and seems to be valid.
I've read docs about /e/OS connections described here:
- https://doc.e.foundation/support-topics/e-os-connection-details
- https://doc.e.foundation/calls_to_google_servers.html
But there are no any information about this "unwanted" connections. Please, give me any information about sending data to this domains and why it happens. Thank you.
Environment:
Phone: OnePlus Nord(AC2001)
OS: /e/OS 2.2-s-20240715417774-stable-avicii (Official)Additional info:
- Niktrokey's note(may be related to
*xtracloud.net): https://www.nitrokey.com/news/2023/smartphones-popular-qualcomm-chip-secretly-share-private-information-us-chip-maker