After getting the crash issue resolved (it is now fixed), I tested this to see how it behaves by using PCAPdroid. I also attempted to decrypt the traffic, to see what it sends.
This is the traffic analysis:
Type
Port
IP version
Size
Status
DNS
53
IPv4
Random >120 B
Closed (Good)
TLS
443
IPv6
120 B
Unreachable
HTTPS
443
IPv4
Usually 2.4 KB
Error (Did not trust my decryption certificate)
It sends to a random list of hosts, all of which are listed here:
I was about to make a pull request to expand the list to the top 109 websites, but the developer blocked me from all interactions because I “spammed too many issues” (I opened 5 and they were all legitimate). Buggy software gets multiple bug reports, what a surprise… The software (or at least the idea) has a lot of potential, but a lot of work and care needs to be put into it.
After getting the crash issue resolved (it is now fixed), I tested this to see how it behaves by using PCAPdroid. I also attempted to decrypt the traffic, to see what it sends.
This is the traffic analysis:
It sends to a random list of hosts, all of which are listed here:
https://4chan.org
https://www.reddit.com
https://www.yahoo.com
https://www.cnn.com
https://pornhub.com
https://www.ebay.com
https://wikipedia.org
https://youtube.com
https://github.com
https://medium.com
https://thepiratebay.org
After digging through the code, here is the file with a list of hosts. It also seems to randomly generate user agents, which is good.
The developer blocked me from opening issues on all of his projects.
now that i see that list, the app became a lot less interesting :/
i used to use a firefox addOn that had the same function, but it created noise by “clicking” on random links starting from a user defined page
I was about to make a pull request to expand the list to the top 109 websites, but the developer blocked me from all interactions because I “spammed too many issues” (I opened 5 and they were all legitimate). Buggy software gets multiple bug reports, what a surprise… The software (or at least the idea) has a lot of potential, but a lot of work and care needs to be put into it.
Maybe you need 2FA on your GitHub account before you can do that. GitHub has made it a requirement for almost all the “dev” stuff.