Blackberry Diagnostics and Telemetry Services
- Hello,
Did a search and while others have asked the same question, it's never been answered.
Does anyone know why these services are running, despite Blackberry Diagnostics being selected off under settings?
Blackberry Hub+ Services has a running service called TelemetryService which runs constantly. I've noticed this service is present in all of their apps like Password Keeper.
Under Cached Background Processes, Blackberry Diagnostics is always present, and returns if stopped.
Can anyone confirm if these apps are phoning home? and if they are, what information they are sending, and if that's the case, why their processes are running even though Diagnostics is supposed to be deactivated?
Thank you
- A blackberry fan who doesn't like seeing the word Telemetry on a "secure/private" Blackberry.gizmo21 likes this.10-20-17 04:21 PMLike 1 - Following the techniques used by a blogger who recently discovered the One+5 was sending home far more data than it should - and prompting the co-founder to make a statement https://www.tomsguide.com/us/oneplus...ews-25968.html - I've found that Blackberry HUB+Services are indeed periodically contacting a blackberry server, but can't figure out what is being sent. I've tried 3 pieces of software: Zap, Charles, and SSL packet capture. While Zap and Charles have revealed interesting things about other apps I have installed, only SSL packet capture is able to reveal the BB Hub+services connection, but the app doesn't reveal what is being sent.
Anyone with more expertise around here who might be able to shine some light on this?10-21-17 08:23 PMLike 0 - I've played around with no-root firewall apps. These apps have allowed me to block all the unwanted connection requests coming from my Keyone - and there are a lot more than I thought there would be.
Unfortunately, these no-root firewall apps require the VPN service, which means a true VPN app can't run at the same time. The only way around this is to use a Root-require firewall app that works without the VPN service.
So, using a firewall app I've been able to block what I suspect are the unwanted telemetry connections phoning home to BB from the BB Hub+Services app suite, leaving just the proper connections to my email server.
I've also noticed that BBM Enterprise makes a lot of connection attemps to a number of Mixpanel servers (sometimes one every second - I assume its because I've blocked it and its trying to connect to different servers). This was noted by another crackberry user regarding BBM and the BB Shop. https://forums.crackberry.com/blackb...-proof-981845/
The Mixpanel component was monitoring all the screen taps and what was done from within the BBM app, and sending it back to their servers.
I'm disappointed to see the same connections being made from within the BBM Enterprise app, although I have no idea what is being reported since the BB shop no longer exists.
A recent thread was started under the Keyone forum discussing if BB could create an embedded Firewall app. I think that is a fantastic idea and it would be cool if it was combined with DTEK somehow.
https://forums.crackberry.com/blackb.../#post13030686Last edited by chetmanley; 10-28-17 at 10:07 AM.
10-28-17 09:56 AMLike 0 - Thought I'd post an update about what I've found while using two firewall apps over the last month.
Blackberry Hub+Services: Makes legit connections to my email servers. But also makes a connection back to BB which appears to be completely not required for the function of the app. I think this connection relates to the ever present BB Telemetry Service - I'm not sure what its sending, but when it does connect it uploads 1.5kb and downloads 6.5kb.
BBM Consumer: Oh boy - where to begin.
Simply opening the application results in the following connections:
Taobao - appears to be a chinese e-commerce site
Crashlytics
Alipay - Chinese payments
Yimg - "Yimg.com is a domain which is used by yahoo buzz.It is an widget company and a part of networking sites and other technologies used for user tracking."
Liftoff.io App marketing/advertising and analytics
Plus the required BBM servers for messages, channels, etc.
Once on the feeds page we get the following:
Google double click
Analisis.io
And on the Discover page you get many more advertising, tracking, and analytic connections:
Facebook
Mixpanel - has been previously documented by another Crackberry user who found that on BB10 BBM, it would connect with mixpanel server every time the screen is touched in the BBM Shop.
And a whole host more....
BBM Enterprise:
Much better than BBM consumer- it only connects to BBM Enterprise servers, but it still makes a connection to a Mixpanel server, even though the shop no longer exists...
BB Keyboard:
Regularly connects to Swiftkey to get language pack updates, but I've also found it connects to media-assets-01.thedrum.com
Not sure why a keyboard application needs to connect to thedrum.com ?
Not sure if its a glitch with the firewall reporting, but it also reports a connection to
firefox.settings.services.mozilla.com
a cloudfront server
a sharethrough server - more advertising?
Blackberry.ddt.checkin:
Despite having Diagnostics turned off, this application seems to be making connections back to a blackberry server ifs.blackberry.com
That's about it for BB Applications.
On the Android OS side of the house, under "Android System" the phone makes regular connections to TCL servers for AOTA, mozilla, jwplatform - media delivery?, Qualcomm Izat cloud (which I think is for updating the gps constellation, and hopefully not for their telemetry purposes as can be seen on the Priv), apptimize.com and a few others including Pool which is a time reference server.
And for other applications like weather apps, adobe, and google maps/photos and Here maps..... basically every app you install with internet connectivity - its making connections to facebook, google, 3rd party analytics providers and advertisers.
So even if you turn off every permission an application can have access to, that application can still phone home with whatever system info it can scrape off you device - ip addresses, wifi/bluetooth access point names, etc..
To summarize - if you want a truely private device, you need to get a phone you can root. Install a firewall application, and run a simultaneous VPN to obscure you connections from your service provider or hotel etc...
Sadly, while a BB might be secure - its not very private. We can run noroot firewall applications to control the flood of connections being made without our knowledge, but without root access, we can't implement all the functions needed to maximize privacy.Last edited by chetmanley; 11-24-17 at 06:28 PM.
11-24-17 06:13 PMLike 4 - Thx all for the insight of privacy taken a bit lightly on BlackBerry Apps.
Would be interesting to know if BlackBerry Hub+ Suite for non-BB devices starts the same Telemetry service and if on a rootable device a root-firewall could gather even more data on this topic (even if perhaps the apps differ from the preinstalled bb-device versions).jamesharmeling likes this.11-25-17 07:41 AMLike 1 - I just realized I should point out I'm not running Google Play Services on my Keyone. So I didn't include any of those connections, but I have been watching them on my Priv which does have GPS.
You can probably guess - no surprise here - with GPS active, the Priv makes many many connections back to google. Here are a couple examples
adservice.google
google-analytics
ads.doubleclick
and many more google servers
I also forgot to mention that BB Hub, while it doesn't appear to make any connections in and of itself, all your emails from companies do make connections. Most emails phone home in some shape or form, or to 3rd parties. With the firewall you can block these connections from the HUB, and just get the pure email content.
Here are some examples of connections made by a few popular apps - just going to include the advertising and tracking:
Microsoft Office (word/powerpoint/excel)
adjust.com (anayltics)
Adobe Acrobat
Two facebook servers
Office Suite
Facebook
google tag manager
data.flurry.com
google-analytics
graph.facebook.com
Google Photos
google-analytics.com
app-measurement.com
Rosetta Stone
graph.facebook.com
crashlytics
doubleclick
adobe dtm (tracking and pixel tags)
appboy
googleadservices
googleapis.com
Shazam
graph.facebook.com
scorecardresearch.com
beacon.shazam.com
Anyway - the list goes on and on. My hope here is that by sharing what I've learned it will shed some light on what goes on behind the scenes on our devices. I think we all knew this was happening, but to actually see it happening live while you use your phone sorta drives the point home.
Hopefully Blackberry can take their DTEK app a step further by incorporating some sort of Firewall functionality as already discussed, and live up to their old Priv ad of "The Privilege of Privacy" ....lol11-25-17 08:09 AMLike 0 - Thx all for the insight of privacy taken a bit lightly on BlackBerry Apps.
Would be interesting to know if BlackBerry Hub+ Suite for non-BB devices starts the same Telemetry service and if on a rootable device a root-firewall could gather even more data on this topic (even if perhaps the apps differ from the preinstalled bb-device versions).
The firewall app I'm using now which has provided the most info on the server names is Netguard. Its 10$ from google play to get all the features, or you can buy it from him directly for a donation if you dont have google play installed.11-25-17 08:33 AMLike 0 - I blame the evil corporations and their insidious scheme to make profits to pay their employees and shareholders.11-25-17 09:27 AMLike 0
-
I'm sure BBOS and BB10 devices do the same (we know BB10 BBM does in any case), but when Blackberry offers an option to disable diagnostics, but the phone still runs telemetry services and appears to be phoning home, that is very misleading.
Unfortunately I don't have the skills or the technical background to dig into this much further to figure out what is being sent. So unless BB comes forward to clear the air, I'm going to assume the worst. Maybe nothing is being sent at all, but like has been proven with the One+5, and recently Google regarding location tracking, perhaps everything is being sent...
So, yes, I think it would be shocking to most users who assume Android Permissions are the be all and end all of data collection control, and that if they have them toggled off, they are safe. In fact some of my friends don't even realize those permissions exist yet.
Just because its happening, doesn't mean we should accept it. There will always be users out there who don't put in the effort to get smart on these issues, and the data collectors will always be there to scoop up what ever they can at their expense. But for the few of us who do care, we should be given the option to control this information beyond what is made available to us at present.G_Unit MVP and anon(10321802) like this.11-25-17 09:31 AMLike 2 - Good research OP. I tried NetGuard on my non BB Android phone with Hub+ services from Google Play installed and I was able to replicate your tests (it only connected to my email accounts and a blackberry domain). Hub+ doesn't seem to have a running telemetry services on my phone so it could be for something else (checking available apps?).11-25-17 10:06 AMLike 0
- Thought I'd post an update about what I've found while using two firewall apps over the last month.
Blackberry Hub+Services: Makes legit connections to my email servers. But also makes a connection back to BB which appears to be completely not required for the function of the app. I think this connection relates to the ever present BB Telemetry Service - I'm not sure what its sending, but when it does connect it uploads 1.5kb and downloads 6.5kb.
BBM Consumer: Oh boy - where to begin.
Simply opening the application results in the following connections:
Taobao - appears to be a chinese e-commerce site
Crashlytics
Alipay - Chinese payments
Yimg - "Yimg.com is a domain which is used by yahoo buzz.It is an widget company and a part of networking sites and other technologies used for user tracking."
Liftoff.io App marketing/advertising and analytics
Plus the required BBM servers for messages, channels, etc.
Once on the feeds page we get the following:
Google double click
Analisis.io
And on the Discover page you get many more advertising, tracking, and analytic connections:
Facebook
Mixpanel - has been previously documented by another Crackberry user who found that on BB10 BBM, it would connect with mixpanel server every time the screen is touched in the BBM Shop.
And a whole host more....
BBM Enterprise:
Much better than BBM consumer- it only connects to BBM Enterprise servers, but it still makes a connection to a Mixpanel server, even though the shop no longer exists...
BB Keyboard:
Regularly connects to Swiftkey to get language pack updates, but I've also found it connects to media-assets-01.thedrum.com
Not sure why a keyboard application needs to connect to thedrum.com ?
Not sure if its a glitch with the firewall reporting, but it also reports a connection to
firefox.settings.services.mozilla.com
a cloudfront server
a sharethrough server - more advertising?
Blackberry.ddt.checkin:
Despite having Diagnostics turned off, this application seems to be making connections back to a blackberry server ifs.blackberry.com
That's about it for BB Applications.
On the Android OS side of the house, under "Android System" the phone makes regular connections to TCL servers for AOTA, mozilla, jwplatform - media delivery?, Qualcomm Izat cloud (which I think is for updating the gps constellation, and hopefully not for their telemetry purposes as can be seen on the Priv), apptimize.com and a few others including Pool which is a time reference server.
And for other applications like weather apps, adobe, and google maps/photos and Here maps..... basically every app you install with internet connectivity - its making connections to facebook, google, 3rd party analytics providers and advertisers.
So even if you turn off every permission an application can have access to, that application can still phone home with whatever system info it can scrape off you device - ip addresses, wifi/bluetooth access point names, etc..
To summarize - if you want a truely private device, you need to get a phone you can root. Install a firewall application, and run a simultaneous VPN to obscure you connections from your service provider or hotel etc...
Sadly, while a BB might be secure - its not very private. We can run noroot firewall applications to control the flood of connections being made without our knowledge, but without root access, we can't implement all the functions needed to maximize privacy.chetmanley and MBrettH like this.11-25-17 10:37 AMLike 2 - Good research OP. I tried NetGuard on my non BB Android phone with Hub+ services from Google Play installed and I was able to replicate your tests (it only connected to my email accounts and a blackberry domain). Hub+ doesn't seem to have a running telemetry services on my phone so it could be for something else (checking available apps?).
I've noticed some differences between the Priv and the Keyone regarding what is shown under Running Services.
See below (Priv on the left, keyone on the right). Both show the same services, but in very different ways.
Dataminer - really?11-25-17 11:00 AMLike 0 -
Licensing in BlackBerry Enterprise Service 10 version 10.1
Data mining doesn't have to be a "dirty" word, it's really just the practice of analyzing data.
Edit: I've stopped the LicenseState service and now the only connection being made is to my email servers so that might be what it's used for.
Edit 2: Just saw that there is a telemetry service running under a separate Hub+ listing called "com.blackberry.infrastructure:telemetry" but NetGuard isn't picking anything up now that the LicenseState service is stopped. It could be running but not actually doing anything?Last edited by Invictus0; 11-25-17 at 11:55 AM.
anon(9803228) likes this.11-25-17 11:32 AMLike 1 - Probably, Hub+ is running a service called "LicenseStateMonitorService" and that URL/port seems to be where BlackBerry's license checks for BES occur so it might for Hub+ as well.
Licensing in BlackBerry Enterprise Service 10 version 10.1
Could be a Marshmallow vs Nougat thing? Are you sure all telemetry services are disabled?
Data mining doesn't have to be a "dirty" word, it's really just the practice of analyzing data.
Edit: I've stopped the LicenseState service and now the only connection being made is to my email servers so that might be what it's used for.
Edit: just discovered a new Hub+ Services connection on my Priv (no accounts added to Hub+) ccl.eval.blackberry.com (74.82.74.2)
I'm sure I've covered all the options for telemetry services on my keyone, I don't think I've missed any.11-25-17 11:55 AMLike 0 -
Check out the update to my previous post. If you enable BlackBerry specific telemetry on your device and stop the license service, do you see any new connections with NetGuard?11-25-17 12:02 PMLike 0 - It's actually not showing me an IP, just the URL. I'm using the free version of NetGuard so that could be why.
Check out the update to my previous post. If you enable BlackBerry specific telemetry on your device and stop the license service, do you see any new connections with NetGuard?
On both my Priv and Keyone I've turned on BB Diagnostics to see what changes occur. So far nothing new on the Keyone, but on the priv I started to see the CCL.Blackberry connection. How to import IT Policy Rule for disabling CCL Data Collection
I'm going to wait out and see if I get more of these connections, and how often they occur. If they occur regularly, I'll then turn diagnostics back off and see if they stop.
As for stopping the telemtry and license services - I didn't see a change in the connections. It was still pinging 74.82.72.232 or 235. But something I hadn't seen until stopping those services was a connection to Crashlytics. I guess stopping the services triggered this connection. It's also possible that stopping the services is so temporary that I don't see a difference in the connections being made because the system restarts the service.
Will keep ya posted with what I find.11-25-17 12:17 PMLike 0 -
- Those are just "placebo switches". The user can toggle them on or off, and Google couldn't care less, they keep doing whatever they want.chetmanley and MBrettH like this.11-25-17 12:39 PMLike 2
- Here is what I've found on both the keyone and priv.
With BB Diagnostics turned on, connections begin to appear to two servers:
ccl.eval.blackberry.com (74.82.74.2)
ccl.blackberry.com (74.82.74.1)
A quick google search yields that CCL has something to do with "context collection library data collection" across all apps.
How to import IT Policy Rule for disabling CCL Data Collection
These connections don't appear under the Blackberry Diagnostics App, but instead they flow through BB Hub+ Services which is surprising.
This conclusion is supported by the fact that com.blackberry.dm runs under Hub+Services when diagnostics is disabled (See right screen shot above of keyone).
When Diagnostics is enabled, then com.blackberry.dm appears as its own service (Left screenshot of the priv) which can be individually stopped (although it restarts).
So it appears that BB Diagnostics is using the Hub+Services app to make connections back to blackberry when diagnostics are turned on.
This still doesn't explain what the other Hub+Services connections to blackberry are however. These connections are not required to run the app.
(74.82.72.232 and 235)
The two theories discussed so far are Telemetry (for blackberry apps), License Verification, or maybe both since more than one BB IP is being connected to.
As was suggested by @Invictus0, I tried stopping both services to see if the connections stopped, but the phone just restarts the services. So I can't tell if those services are linked to the connections being made.
So in summary:
If you have BB Diagnostics switched off - it appears that it does indeed switch off, and no connections regarding BB Diagnostics are made.
(Although com.blackberry.dm still appears to run, just now within Hub+Services)
Verdict still out on if Hub+Services suite apps send telemetry or not.11-25-17 01:56 PMLike 0 - Yea you need the full version to get all the IP filtering and traffic logs.
On both my Priv and Keyone I've turned on BB Diagnostics to see what changes occur. So far nothing new on the Keyone, but on the priv I started to see the CCL.Blackberry connection. How to import IT Policy Rule for disabling CCL Data Collection
I'm going to wait out and see if I get more of these connections, and how often they occur. If they occur regularly, I'll then turn diagnostics back off and see if they stop.
As for stopping the telemtry and license services - I didn't see a change in the connections. It was still pinging 74.82.72.232 or 235. But something I hadn't seen until stopping those services was a connection to Crashlytics. I guess stopping the services triggered this connection. It's also possible that stopping the services is so temporary that I don't see a difference in the connections being made because the system restarts the service.
Will keep ya posted with what I find.
Follow Up: Web Security Analysis & Brief How To – FileArchiveHaven
I haven't seen a NetGuard alert for the CCL URL yet but I'll let you know if it pops up.11-25-17 02:13 PMLike 0 -
- Is it actually sending back telemetry data though? We'd have to check using a program like Fiddler or Wireshark. I don't know if he's still an active member but KermEd did something similar a few years on BB10.
Follow Up: Web Security Analysis & Brief How To – FileArchiveHaven
I haven't seen a NetGuard alert for the CCL URL yet but I'll let you know if it pops up.
I've actually had better luck with SSL packet capture on android (by the same dev who made noroot firewall). It shows whats inside some google packets, but not whats inside BB packets.11-25-17 03:29 PMLike 0 - You are still being tracked be it your carrier, wifi, or websites you visit. It's unavoidable really.11-25-17 03:38 PMLike 0
- Forum
- Android BlackBerry Phones & OS
- BlackBerry Android OS
- BlackBerry HUB+ Suite
Blackberry Diagnostics and Telemetry Services
Similar Threads
-
Blackberry Motion & What's next?
By Bleeks81 in forum BlackBerry MotionReplies: 29Last Post: 10-28-17, 05:48 PM -
Is it possible to install blackberry os 10.3 on BlackBerry priv..any how???
By PIJUSHBEN10 in forum Ask a QuestionReplies: 3Last Post: 10-22-17, 04:53 PM -
Snapchat on Blackberry Classic
By XxhamoodZX in forum BlackBerry 10 OSReplies: 6Last Post: 10-20-17, 07:59 PM -
How to back up your BlackBerry KEYone
By CrackBerry News in forum CrackBerry.com News Discussion & ContestsReplies: 0Last Post: 10-20-17, 02:40 PM -
TELUS now offering the BlackBerry KEYone in Space Black
By CrackBerry News in forum CrackBerry.com News Discussion & ContestsReplies: 0Last Post: 10-20-17, 12:50 PM
LINK TO POST COPIED TO CLIPBOARD