BlackBerry Hub+ Telemetry Service analysis
- Here is an analysis of the BlackBerry Telemetry Service, found in BlackBerry Hub+ Services. The discussion about the telemetry service initially started here
MANAGEMENT SUMMARY
Blackberry Telemetry Service is a background service that collects user behaviour data. The services is automatically started right after installation of Hub+ Services. It is accompanied by a native code library called libtelemetrycore.so, which is installed to the device during app installation. That library fetches a server list from https://www.blackberry.com/app_inclu...ices_uiv1.prop, which defines what servers need to be contacted to send the telemetry data. The library also generates a unique device pin, whose exact purpose is unknown.
Right after the first startup of Hub+ Services, the telemetry service starts to collect data and sends it to the BlackBerry servers.
The following servers are receiving data:
- https://ccl.eval.blackberry.com
- https://ccl.blackberry.com
The transferred telemetry data is wrapped into a JSON format, gzipped to reduce size and sent over a secure SSL connection.
Telemetry is triggered by various apps of the BlackBerry Hub+ suite when you are performing specific actions in an app. BlackBerry calls these actions 'events'. An event for example would be to open Calendar app (event 1) and then in Calendar app go to the settings dialog (event 2). The telemetry service caches the events locally and sends them to the server by occasion.
Example of data being sent on user events (ccl.eval):
Code:Telemetry: [Headers={Content-Type: application/x-www-form-urlencoded, Authorization: Basic Y2NsOnovSmE1L1lRMFBHcVM5YVRHZStHYkRBemdZakw2OVcxSm9WWGZsSnREdU09}] Telemetry: Url=https://ccl.eval.blackberry.com/ccl/auth Telemetry: [Headers={Content-Type: binary/octet-stream, X-Carpathia-Api-Auth: OAuth client_id=ccl, token_type=urn:rim:dreams:api:bearer, token=b1cc22ca-7499-4ba0-abdf-b37b62b03f11%3B1511999420376%3Bhttp%3A%2F%2Fccl.blackberry.com%3A8080%2Fccl%2Fauth%3BHMAC_SHA1%3AM1VYUnJiuW%2BQd1NRAeWYGUTsxj4%3D, Content-Encoding: gzip}] Telemetry: Url=https://ccl.eval.blackberry.com/ccl/client-data Telemetry: Content={"header":{"devicename":"zerolte","platform":"Android","incremental":"G925FXXU5EQJA","software":"7.0","hardwareid":"zeroltexx","cclversion":"1.0.0","jsonversion":"1.1","pin":"LDxykrShOJ3aEIK0qaMdkLyB50jfmsDxD.truncated","langcountrycode":"de","language":"German","timezone":"Europe/Zurich","carrier":"Swisscom","cellularType":"LTE","mcc":"228","mnc":"01","isproductiondevice":"true","userid":"0","ismanagedprofile":"false","manufacturer":"samsung","licensestate":"paid"},"batchevents":[{"appbatch":{"appname":"BlackBerry Calendar","appversion":"1.5.6.13927","appevents":[{"sessionid":"1649","source":"weekView","category":"button","time":"1511912051932","eventDesc":"onButtonClicked","action":"clicked","eventid":"onStructuredEvent","label":"navigationOpened"},{"sessionid":"1649","source":"weekView","category":"menuItem","time":"1511912078258","eventDesc":"onMenuItemClicked","action":"clicked","eventid":"onStructuredEvent","label":"work_week"},{"sessionid":"1649","eventDuration":"35689","source":"weekView","category":"content","time":"1511912078354","action":"viewed","eventid":"onStructuredEvent","eventStart":"317158434","eventDesc":"onContentViewed","eventEnd":"317194123"},{"sessionid":"1649","source":"workWeekView","category":"button","time":"1511912082656","eventDesc":"onButtonClicked","action":"clicked","eventid":"onStructuredEvent","label":"navigationOpened"},{"sessionid":"1649","source":"workWeekView","category":"menuItem","time":"1511912083501","eventDesc":"onMenuItemClicked","action":"clicked","eventid":"onStructuredEvent","label":"settings"},{"sessionid":"1649","category":"setting","time":"1511912083873","eventid":"onStructuredEvent","action":"modified","label":"tone","tone":"St..............................................s)","eventDesc":"onSettingModified"},{"sessionid":"1649","eventDuration":"12037","source":"workWeekView","category":"content","time":"1511912090388","action":"viewed","eventid":"onStructuredEvent","eventStart":"317194121","eventDesc":"onContentViewed","eventEnd":"317206158"}]}} telemetry_native: TransportManager sendData Http post result: 200
Code:Telemetry: [Headers={Content-Type: binary/octet-stream, X-Carpathia-Api-Auth: OAuth client_id=ccl, token_type=urn:rim:dreams:api:bearer, token=b1cc22ca-7499-4ba0-abdf-b37b62b03f11%3B1511999420376%3Bhttp%3A%2F%2Fccl.blackberry.com%3A8080%2Fccl%2Fauth%3BHMAC_SHA1%3AM1VYUnJiuW%2BQd1NRAeWYGUTsxj4%3D, Content-Encoding: gzip}] Telemetry: Url=https://ccl.blackberry.com/ccl/client-data Telemetry: Content={"header":{"devicename":"zerolte","platform":"Android","incremental":"G925FXXU5EQJA","software":"7.0","hardwareid":"zeroltexx","cclversion":"1.0.0","jsonversion":"1.1","pin":"LDxykrShOJ3aEIK0qaMdkLyB50jfmsDxD.truncated","langcountrycode":"de","language":"German","timezone":"Europe/Zurich","carrier":"Swisscom","cellularType":"LTE","mcc":"228","mnc":"01","isproductiondevice":"true","userid":"0","ismanagedprofile":"false","manufacturer":"samsung","licensestate":"paid"},"batchevents":[{"appbatch":{"appname":"telemetry","appversion":"1.0.0","appevents":[{"eventid":"onConsentChange","globalconsent":"true","source":"telemetry","time":"1511911809000"}]}}]} telemetry_native: TransportManager sendData Http post result: 200
Last edited by Cobalt232; 12-10-17 at 08:22 AM.
11-28-17 07:20 PMLike 3 - Where are the BB10 defenders?? This can't be .... I'm no IT person but doesn't this shoot down the whole Android/IOS=Evil : BB=Good thinking?galifreiankid likes this.11-29-17 06:40 AMLike 1
-
-
-
The extra layer of trying to monetize that is immaterial as far as security is concerned, as no private information ever leaves those servers (at least not with Google's model).11-29-17 08:03 AMLike 0 - Replace BlackBerry in that sentence with anyone else and the screeching from CB will pierce the sky.BigAl_BB9900 likes this.11-29-17 08:41 AMLike 1
-
I say if you'll let BB do it, then quit complaining that Google is doing it.11-29-17 09:02 AMLike 0 - What's the difference? The fact is they have a repository of information collected about you and from you.
The extra layer of trying to monetize that is immaterial as far as security is concerned, as no private information ever leaves those servers (at least not with Google's model).i_plod_an_dr_void likes this.11-29-17 10:57 AMLike 1 -
- Thanks to All above. This is what I was bringing up. Everybody acts like data collection is this evil action or idea but it's ok for BB to do as if BB operates by some different moralistic almost pious standard.
I say if you'll let BB do it, then quit complaining that Google is doing it.
BB’s business model isn’t dependent on collecting every possible point of personal data it can and monetizing it.i_plod_an_dr_void likes this.11-29-17 11:00 AMLike 1 - 11-29-17 12:50 PMLike 0
- Do the connections to ccl occur regardless of the overall BlackBerry Diagnostics Setting?
Using netguard I've only noticed the ccl servers via BB Hub+ services if I also turn on bb diagnostics.
Any idea what the connection to 74.84.72.235 and .232 is for from Hub+ Services?11-29-17 07:06 PMLike 0 - Bla1zeCB OGMeh. Hard to say if it's too much without knowing the full extent. I can see they capture your device, carrier, connection and some other arguably trivial data but are they capturing any contents of your communications or anything along those lines? Google tracks every app you use on your device already, so its a bit of an extension of that as far as I can tell. Certainly nothing here that disturbs me more so than anything else.11-30-17 06:11 PMLike 0
- So if I see alone the data showed here means they can recreate my whole calendar on their servers even that my calendar is hosted on my own personal server at home, that is ridiculous and that's only a small snippet posted there.
What about Tasks/Notes/Hub-Email(even work)/keyboard...
The amount of data transfered here would be too much if it would be transfered in a bug reporting case, but if that is the case in normal operation it is disgusting for an app-suite of a company telling me privacy in important.
I know "there is Google" , "the world is that way now" but this really freaks me out and AFAIK I have no opt-out on BlackBerry devices here.
I heared "Cobalts suite" have that Telemetry removed, perhaps I have to install unofficial suite then on my paid device.12-01-17 01:30 AMLike 0 -
My Hub+ download is from Google Play and I have an active subscription, I'm assuming you're testing with your own apps?12-01-17 11:04 AMLike 0 - I just updated the first post with more findings. Check out this link:
https://www.blackberry.com/app_inclu...ices_uiv1.prop12-01-17 12:15 PMLike 0 - 12-01-17 01:36 PMLike 0
- Telemetry data is also being collected in a F1 car to improve handling and performance. So why not do this in an app. Also, there is no personal data being transmitted.
I would say that it's acceptable.i_plod_an_dr_void and spiculated like this.12-01-17 02:18 PMLike 2 -
12-01-17 02:55 PMLike 0 -
12-01-17 02:55 PMLike 0 -
The netguard App reported some strange connections being made by the bb keyboard, but maybe they were glitches in the firewall filtering?
Thanks again for your help12-06-17 08:28 PMLike 0 -
- Forum
- Android BlackBerry Phones & OS
- BlackBerry Android OS
- BlackBerry HUB+ Suite
BlackBerry Hub+ Telemetry Service analysis
« BlackBerry hub group email issue - on behalf of
|
Cancelled Hub for good. Any similar apps out there? »
Similar Threads
-
Skype for my Blackberry Classic
By CrackBerry Question in forum Ask a QuestionReplies: 5Last Post: 12-28-17, 08:12 PM -
BlackBerry updated BB10 BBM to kill voice calls!
By YesAndNo in forum General BlackBerry News, Discussion & RumorsReplies: 35Last Post: 12-18-17, 05:34 PM -
BlackBerry Classic and device passcodes
By LM28 in forum Ask a QuestionReplies: 4Last Post: 12-04-17, 01:37 AM -
screen lift. Vodafone UK or blackberry?
By James Cowin in forum BlackBerry KEYoneReplies: 5Last Post: 12-03-17, 01:23 PM -
BlackBerry 10 browser malfunction
By cliffordpilane in forum BlackBerry Z30Replies: 15Last Post: 12-01-17, 09:39 PM
LINK TO POST COPIED TO CLIPBOARD