• Please consider a small regular monthly sum, now possible under the new Donate tab! (NB - If all active MobiMembers Donate just £1/$1 per month it will cover our costs and help with expenditure for updates/improvements) A BIG THANK YOU to all our generous & supportive MobiMembers!
  • PLEASE READ THIS THREAD < Tap for linky - MobiTog still has a few minor updates/improvements to complete... :)

Discussion: Data Harvesting

rizole

In for it!
MobiSupporter
Real Name
Rizole
Device
Samsung
Off the back of this article:
https://www.techspot.com/news/77077-new-study-claims-data-harvesting-among-android-apps.html
I installed Netguard firewall on my phone yesterday out of interest.
I mean, I don't think it's news that everyone's out for our data and there are threads in this forum about that but I've found it interesting to see what apps are doing invisibly in the background on my phone.
The linked article is about Android but i notice the apple terms of service do not preclude this sort of thing.

So after 2 days with a firewall installed....
An app that is phoning home without having been launched for over 3 months is Perfect piano. It connects to an unknown address and to facebook.
Instagram keeps communicating without being launched. It talks to Instagram, Facebook and Doubleclick
YouTube keeps checking in with google and I never use it.
Nothing else has connected without being launched so far. That said, all the apps I've launched talk to google and Facebook. There's one app produced by a bus company that does too. It also talks to Doubleclick. The odd thing about that though is that there are no adverts in the app and no direct links to google or Facebook in it, its purely an informational app.
 

zenjenny

MobiStaff
Site Staff
Real Name
jen
Device
iPhone 6s Plus

terse

MobiLifer
MobiSupporter
Real Name
Ted
Device
iPhone Xs
It also talks to Doubleclick. The odd thing about that though is that there are no adverts in the app and no direct links to google or Facebook in it, its purely an informational app.
I guess it could be that the app is built on someone else's framework and the connection to DoubleTalk is an accidental leftover. Or maybe the bus company is scamming DoubleClick by creating fake click-throughs to make money. :lmao:
 

FundyBrian

MobiStaff
Site Staff
MobiSupporter
Real Name
Brian Townsend
Device
iPhone 8 Plus
My 365
My MobiTog 365
Off the back of this article:
https://www.techspot.com/news/77077-new-study-claims-data-harvesting-among-android-apps.html
I installed Netguard firewall on my phone yesterday out of interest.
I mean, I don't think it's news that everyone's out for our data and there are threads in this forum about that but I've found it interesting to see what apps are doing invisibly in the background on my phone.
The linked article is about Android but i notice the apple terms of service do not preclude this sort of thing.

So after 2 days with a firewall installed....
An app that is phoning home without having been launched for over 3 months is Perfect piano. It connects to an unknown address and to facebook.
Instagram keeps communicating without being launched. It talks to Instagram, Facebook and Doubleclick
YouTube keeps checking in with google and I never use it.
Nothing else has connected without being launched so far. That said, all the apps I've launched talk to google and Facebook. There's one app produced by a bus company that does too. It also talks to Doubleclick. The odd thing about that though is that there are no adverts in the app and no direct links to google or Facebook in it, its purely an informational app.
Spooky. Getting a bit too invasive.
 

FundyBrian

MobiStaff
Site Staff
MobiSupporter
Real Name
Brian Townsend
Device
iPhone 8 Plus
My 365
My MobiTog 365
Off the back of this article:
https://www.techspot.com/news/77077-new-study-claims-data-harvesting-among-android-apps.html
I installed Netguard firewall on my phone yesterday out of interest.
I mean, I don't think it's news that everyone's out for our data and there are threads in this forum about that but I've found it interesting to see what apps are doing invisibly in the background on my phone.
The linked article is about Android but i notice the apple terms of service do not preclude this sort of thing.

So after 2 days with a firewall installed....
An app that is phoning home without having been launched for over 3 months is Perfect piano. It connects to an unknown address and to facebook.
Instagram keeps communicating without being launched. It talks to Instagram, Facebook and Doubleclick
YouTube keeps checking in with google and I never use it.
Nothing else has connected without being launched so far. That said, all the apps I've launched talk to google and Facebook. There's one app produced by a bus company that does too. It also talks to Doubleclick. The odd thing about that though is that there are no adverts in the app and no direct links to google or Facebook in it, its purely an informational app.
How are you able to detect which are the culprits? And can you tell what sort of data they send? Any way to shut them off from doing that?
I know that several apps want to collect location data and that can be shut off on an app-by-app basis. Anytime an app collects location data an icon appears to alert you. If it seems OK then fine but if it seems questionable you can shut them off.
One thing you specifically want to avoid is giving FaceBook access to your address book or contacts. Or any other apps for that matter.
I suspect there are lots of apps out there whose primary function is to collect data and their disguise function is what gets people to install them. Remember the free flashlight app that sends your data to China every time you use the flashlight?
I wonder if those apps with links to FB and google get paid to insert that bit of snoop code into their apps.
 

rizole

In for it!
MobiSupporter
Real Name
Rizole
Device
Samsung
So after a few months I've settled on Blokada ad-blocker. It creates a VPN to block ads and trackers across the whole phone and all apps. As a bonus, it saves data too by not allowing apps to communicate home.
It's open source and available on Fdroid, which is like the Google play store but only has software that is open source and doesn't track you on your device.
I'd recommend it (android only) and have got the rest of the family to put it on their devices.

Here's what it's blocked and how many times each has tried phoning home on my phone in under 48 hours:

Google 880
Instagram 574
ads.nexage 519
misc 212
Adjust 138
Apptentive 136
crashlytics 93
Heyzap 71
Total 2623

I've not looked at the miscellaneous set in detail but putting that aside, that's 2318 attempts (the majority) to phone home to an advertising/marketing company.

So I work that out to be something on my phone sending data home every minute of everyday and, given I try to have clean data habits, I'm probably on the low side of data harvesting compared with your average user.

But assuming 1 ping home every minute from something, that's something like 525,600 pieces of data sent to some third party for every android user in the world, every year.
 

RoseCat

MobiStaff
Site Staff
MobiSupporter
Real Name
Catherine
Device
iPhone 7 Plus
So after a few months I've settled on Blokada ad-blocker. It creates a VPN to block ads and trackers across the whole phone and all apps. As a bonus, it saves data too by not allowing apps to communicate home.
It's open source and available on Fdroid, which is like the Google play store but only has software that is open source and doesn't track you on your device.
I'd recommend it (android only) and have got the rest of the family to put it on their devices.

Here's what it's blocked and how many times each has tried phoning home on my phone in under 48 hours:

Google 880
Instagram 574
ads.nexage 519
misc 212
Adjust 138
Apptentive 136
crashlytics 93
Heyzap 71
Total 2623

I've not looked at the miscellaneous set in detail but putting that aside, that's 2318 attempts (the majority) to phone home to an advertising/marketing company.

So I work that out to be something on my phone sending data home every minute of everyday and, given I try to have clean data habits, I'm probably on the low side of data harvesting compared with your average user.

But assuming 1 ping home every minute from something, that's something like 525,600 pieces of data sent to some third party for every android user in the world, every year.
WOW. :flushed:
I wish the iPhone had an app like that.
 

rizole

In for it!
MobiSupporter
Real Name
Rizole
Device
Samsung
How are you able to detect which are the culprits? And can you tell what sort of data they send? Any way to shut them off from doing that?
I know that several apps want to collect location data and that can be shut off on an app-by-app basis. Anytime an app collects location data an icon appears to alert you. If it seems OK then fine but if it seems questionable you can shut them off.
One thing you specifically want to avoid is giving FaceBook access to your address book or contacts. Or any other apps for that matter.
I suspect there are lots of apps out there whose primary function is to collect data and their disguise function is what gets people to install them. Remember the free flashlight app that sends your data to China every time you use the flashlight?
I wonder if those apps with links to FB and google get paid to insert that bit of snoop code into their apps.
I have an answer to this now. I've found an app called ClassyShark3xodus which scans apps for known trackers so I can see quite clearly which apps are phoning home and where they phone home to.
It's clear from this why google appear so high on the block list above.
I won't list all my apps here but for example, my podcaster, a random music visualiser and my file manager all use a mix of Google analytics, Google Firebase analytics, Google Doubleclick and Google Ads. That's 4 separate google owned sites they report back to. The file manager also reports back to Facebook Analytics, Facebook login and Facebook Share.

So 3 apps report back to 3 analytics sites one login and 3 ad/marketing sites, which is 11 separate instances of phoning home.
Call me cynical but there's no way both facebook and google don't use the analytics they gather as market research. The word "Analytics" is handy way for Ad companies to rebrand, and so obfuscate, market research.
 

RoseCat

MobiStaff
Site Staff
MobiSupporter
Real Name
Catherine
Device
iPhone 7 Plus
Yes, it's created a virtual private network so it can control what can and can't access the internet. Blokada does the same on my android. Not sure what the certificate does.
Okay... I’m so dense with this type of stuff I was all “What is that?? What’s happening??” :lol:
 

RoseCat

MobiStaff
Site Staff
MobiSupporter
Real Name
Catherine
Device
iPhone 7 Plus
Cool, let me know how it does please.
One thing I’m now noticing that I hope can be easily fixed: I’ll open Facebook, or just now it was the Google app to search for something and I get a “Could not connect to the server” error message. I have cell service + WiFi (I’m at home) so I think it has to do with this new app. :triumph:
 

rizole

In for it!
MobiSupporter
Real Name
Rizole
Device
Samsung
One thing I’m now noticing that I hope can be easily fixed: I’ll open Facebook, or just now it was the Google app to search for something and I get a “Could not connect to the server” error message. I have cell service + WiFi (I’m at home) so I think it has to do with this new app. :triumph:
Here's their FAQ's. Check out the one called Whitelist and see if that fixes it for you.
There's also something on the certificate there as well I see.
 

RoseCat

MobiStaff
Site Staff
MobiSupporter
Real Name
Catherine
Device
iPhone 7 Plus
Here's their FAQ's. Check out the one called Whitelist and see if that fixes it for you.
There's also something on the certificate there as well I see.
Hmmmm.... there is no Settings/Ad blocking. :confused: I also went to settings and searched for ad blocking but nothing popped up. There’s also nothing within Settings/Ad Clear to change other than Siri and Cellular Data.

https://www.seven.com/adclear-faq.php

A43E83DC-CE7F-4D06-9831-1AED9C1F3563.png
 

terse

MobiLifer
MobiSupporter
Real Name
Ted
Device
iPhone Xs
Hmmmm.... there is no Settings/Ad blocking. :confused: I also went to settings and searched for ad blocking but nothing popped up. There’s also nothing within Settings/Ad Clear to change other than Siri and Cellular Data.
I just downloaded it to have a quick look. The iOS version seems to be laid out differently, though at the moment I don't know if things are just in different places or if the iOS version doesn't have all the features of the Android version.

Most of the settings are controlled through the AdClear app itself, not through the iOS Settings app. In AdClear, if you go to About -> History, you'll see a list that includes blocked addresses (in red), and there you can add an address to the whitelist or blacklist. (There's probably an easier way, but that's the first thing I found.)

In iOS settings, the one thing you need to do is to turn on the content blocker for Safari (assuming you're using Safari rather than another browser). Go to Settings -> Safari -> Content Blockers to do that. (Content Blockers doesn't appear on the list unless you have a content blocker installed.)

I only see the VPN badge when I have wi-fi on. It disappears when I'm using the cell connection only (which is most of the time, on my phone).
 

RoseCat

MobiStaff
Site Staff
MobiSupporter
Real Name
Catherine
Device
iPhone 7 Plus
In AdClear, if you go to About -> History, you'll see a list that includes blocked addresses (in red), and there you can add an address to the whitelist or blacklist. (There's probably an easier way, but that's the first thing I found.)
Thank you!! :notworthy:

It had this black listed...

48834968-5955-4799-AA5A-324C5639302E.jpeg


I added it to the white list but it’s still showing up red/black listed, even when I hit the in-app refresh button, close app/reopen. Bergh.
 

RoseCat

MobiStaff
Site Staff
MobiSupporter
Real Name
Catherine
Device
iPhone 7 Plus
In iOS settings, the one thing you need to do is to turn on the content blocker for Safari (assuming you're using Safari rather than another browser). Go to Settings -> Safari -> Content Blockers to do that. (Content Blockers doesn't appear on the list unless you have a content blocker installed.)
Yes, I had done that.

I only see the VPN badge when I have wi-fi on. It disappears when I'm using the cell connection only (which is most of the time, on my phone).
Oh! I’ll have to keep an eye out to see if that’s what mine does.
 

RoseCat

MobiStaff
Site Staff
MobiSupporter
Real Name
Catherine
Device
iPhone 7 Plus
Just a thought... did you take it off the black list as well as add it to the white?
That never would have occurred to me! So I went back...

D1576266-A558-4BAE-81A9-4998C5B14D79.jpeg


According to the above nothing is on the black list.

See below for the white list. And it’s still showing up on the main page as red. :mad:

5D305C3C-FFD7-45FD-8ADA-080A568EABD9.jpeg



CBC52E71-7F26-4D84-BAF4-10E0E1A68C36.jpeg
 

RoseCat

MobiStaff
Site Staff
MobiSupporter
Real Name
Catherine
Device
iPhone 7 Plus
Also, it seems like you can only check one of these.... you’d think you could check the boxes for them all? What are the differences?

BF356858-4049-49FC-BAEE-A7213C2913A3.png
 
Top