[Cobalt232]

Here is an analysis of the BlackBerry Telemetry Service, found in BlackBerry Hub+ Services. The discussion about the telemetry service initially started here

MANAGEMENT SUMMARY

Blackberry Telemetry Service is a background service that collects user behaviour data. The services is automatically started right after installation of Hub+ Services. It is accompanied by a native code library called libtelemetrycore.so, which is installed to the device during app installation. That library fetches a server list from https://www.blackberry.com/app_inclu...ices_uiv1.prop, which defines what servers need to be contacted to send the telemetry data. The library also generates a unique device pin, whose exact purpose is unknown.

Right after the first startup of Hub+ Services, the telemetry service starts to collect data and sends it to the BlackBerry servers.

The following servers are receiving data:
- https://ccl.eval.blackberry.com
- https://ccl.blackberry.com

The transferred telemetry data is wrapped into a JSON format, gzipped to reduce size and sent over a secure SSL connection.

Telemetry is triggered by various apps of the BlackBerry Hub+ suite when you are performing specific actions in an app. BlackBerry calls these actions 'events'. An event for example would be to open Calendar app (event 1) and then in Calendar app go to the settings dialog (event 2). The telemetry service caches the events locally and sends them to the server by occasion.

Example of data being sent on user events (ccl.eval):

Code:

Telemetry: [Headers={Content-Type:  application/x-www-form-urlencoded, Authorization:  Basic Y2NsOnovSmE1L1lRMFBHcVM5YVRHZStHYkRBemdZakw2OVcxSm9WWGZsSnREdU09}]
Telemetry: Url=https://ccl.eval.blackberry.com/ccl/auth
Telemetry: [Headers={Content-Type: binary/octet-stream, X-Carpathia-Api-Auth:  OAuth client_id=ccl, token_type=urn:rim:dreams:api:bearer, token=b1cc22ca-7499-4ba0-abdf-b37b62b03f11%3B1511999420376%3Bhttp%3A%2F%2Fccl.blackberry.com%3A8080%2Fccl%2Fauth%3BHMAC_SHA1%3AM1VYUnJiuW%2BQd1NRAeWYGUTsxj4%3D, Content-Encoding: gzip}]
Telemetry: Url=https://ccl.eval.blackberry.com/ccl/client-data
Telemetry: Content={"header":{"devicename":"zerolte","platform":"Android","incremental":"G925FXXU5EQJA","software":"7.0","hardwareid":"zeroltexx","cclversion":"1.0.0","jsonversion":"1.1","pin":"LDxykrShOJ3aEIK0qaMdkLyB50jfmsDxD.truncated","langcountrycode":"de","language":"German","timezone":"Europe/Zurich","carrier":"Swisscom","cellularType":"LTE","mcc":"228","mnc":"01","isproductiondevice":"true","userid":"0","ismanagedprofile":"false","manufacturer":"samsung","licensestate":"paid"},"batchevents":[{"appbatch":{"appname":"BlackBerry Calendar","appversion":"1.5.6.13927","appevents":[{"sessionid":"1649","source":"weekView","category":"button","time":"1511912051932","eventDesc":"onButtonClicked","action":"clicked","eventid":"onStructuredEvent","label":"navigationOpened"},{"sessionid":"1649","source":"weekView","category":"menuItem","time":"1511912078258","eventDesc":"onMenuItemClicked","action":"clicked","eventid":"onStructuredEvent","label":"work_week"},{"sessionid":"1649","eventDuration":"35689","source":"weekView","category":"content","time":"1511912078354","action":"viewed","eventid":"onStructuredEvent","eventStart":"317158434","eventDesc":"onContentViewed","eventEnd":"317194123"},{"sessionid":"1649","source":"workWeekView","category":"button","time":"1511912082656","eventDesc":"onButtonClicked","action":"clicked","eventid":"onStructuredEvent","label":"navigationOpened"},{"sessionid":"1649","source":"workWeekView","category":"menuItem","time":"1511912083501","eventDesc":"onMenuItemClicked","action":"clicked","eventid":"onStructuredEvent","label":"settings"},{"sessionid":"1649","category":"setting","time":"1511912083873","eventid":"onStructuredEvent","action":"modified","label":"tone","tone":"St..............................................s)","eventDesc":"onSettingModified"},{"sessionid":"1649","eventDuration":"12037","source":"workWeekView","category":"content","time":"1511912090388","action":"viewed","eventid":"onStructuredEvent","eventStart":"317194121","eventDesc":"onContentViewed","eventEnd":"317206158"}]}}
telemetry_native: TransportManager sendData Http post result: 200

Similar data is also sent to the second server (ccl.blackberry):

Code:

Telemetry: [Headers={Content-Type: binary/octet-stream, X-Carpathia-Api-Auth:  OAuth client_id=ccl, token_type=urn:rim:dreams:api:bearer, token=b1cc22ca-7499-4ba0-abdf-b37b62b03f11%3B1511999420376%3Bhttp%3A%2F%2Fccl.blackberry.com%3A8080%2Fccl%2Fauth%3BHMAC_SHA1%3AM1VYUnJiuW%2BQd1NRAeWYGUTsxj4%3D, Content-Encoding: gzip}]
Telemetry: Url=https://ccl.blackberry.com/ccl/client-data
Telemetry: Content={"header":{"devicename":"zerolte","platform":"Android","incremental":"G925FXXU5EQJA","software":"7.0","hardwareid":"zeroltexx","cclversion":"1.0.0","jsonversion":"1.1","pin":"LDxykrShOJ3aEIK0qaMdkLyB50jfmsDxD.truncated","langcountrycode":"de","language":"German","timezone":"Europe/Zurich","carrier":"Swisscom","cellularType":"LTE","mcc":"228","mnc":"01","isproductiondevice":"true","userid":"0","ismanagedprofile":"false","manufacturer":"samsung","licensestate":"paid"},"batchevents":[{"appbatch":{"appname":"telemetry","appversion":"1.0.0","appevents":[{"eventid":"onConsentChange","globalconsent":"true","source":"telemetry","time":"1511911809000"}]}}]}
telemetry_native: TransportManager sendData Http post result: 200

What is your opinion on these findings? Is BlackBerry collecting too much data? Post your thoughts here.

[Chuck Finley69]

Where are the BB10 defenders?? This can't be .... I'm no IT person but doesn't this shoot down the whole Android/IOS=Evil : BB=Good thinking?

[anon(10321802)]

Where are the BB10 defenders?? This can't be .... I'm no IT person but doesn't this shoot down the whole Android/IOS=Evil : BB=Good thinking?

Hub+ is on BB10??

[conite]

Hub+ is on BB10??

I'm guessing the point Chuck was making is that BlackBerry does it too.

[anon(10321802)]

I'm guessing the point Chuck was making is that BlackBerry does it too.

BlackBerry collects data about how its own products are used? Shocking. Utterly shocking.

[conite]

BlackBerry collects data about how its own products are used? Shocking. Utterly shocking.

What's the difference? The fact is they have a repository of information collected about you and from you.

The extra layer of trying to monetize that is immaterial as far as security is concerned, as no private information ever leaves those servers (at least not with Google's model).

[thurask]

BlackBerry collects data about how its own products are used? Shocking. Utterly shocking.

Replace BlackBerry in that sentence with anyone else and the screeching from CB will pierce the sky.

[Chuck Finley69]

Replace BlackBerry in that sentence with anyone else and the screeching from CB will pierce the sky.

Thanks to All above. This is what I was bringing up. Everybody acts like data collection is this evil action or idea but it's ok for BB to do as if BB operates by some different moralistic almost pious standard.

I say if you'll let BB do it, then quit complaining that Google is doing it.

[anon(10321802)]

What's the difference? The fact is they have a repository of information collected about you and from you.

The extra layer of trying to monetize that is immaterial as far as security is concerned, as no private information ever leaves those servers (at least not with Google's model).

BlackBerry doesn’t collect nearly as much data as Google does, nor do they sell it for targeted ads. That’s the difference.

[conite]

BlackBerry doesn’t collect nearly as much data as Google does, nor do they sell it for targeted ads. That’s the difference.

The second part is irrelevant.

As far as the amount collected, you are making an arbitrary line in the sand.

[anon(10321802)]

Thanks to All above. This is what I was bringing up. Everybody acts like data collection is this evil action or idea but it's ok for BB to do as if BB operates by some different moralistic almost pious standard.

I say if you'll let BB do it, then quit complaining that Google is doing it.

I don’t trust either company completely, but I trust BB more than Google.

BB’s business model isn’t dependent on collecting every possible point of personal data it can and monetizing it.

[Chuck Finley69]

I don’t trust either company completely, but I trust BB more than Google.

BB’s business model isn’t dependent on collecting every possible point of personal data it can and monetizing it.

So it's ok to collect SOME data as BB does and monetize only to level BB does....???

[chetmanley]

Do the connections to ccl occur regardless of the overall BlackBerry Diagnostics Setting?

Using netguard I've only noticed the ccl servers via BB Hub+ services if I also turn on bb diagnostics.

Any idea what the connection to 74.84.72.235 and .232 is for from Hub+ Services?

[Cobalt232]

My device is a Samsung S6, so I don't even have BlackBerry diagnostics installed. Ccl seems to be contacted regardless of that.

[Bla1ze]

What is your opinion on these findings? Is BlackBerry collecting too much data? Post your thoughts here.

Meh. Hard to say if it's too much without knowing the full extent. I can see they capture your device, carrier, connection and some other arguably trivial data but are they capturing any contents of your communications or anything along those lines? Google tracks every app you use on your device already, so its a bit of an extension of that as far as I can tell. Certainly nothing here that disturbs me more so than anything else.

[gizmo21]

So if I see alone the data showed here means they can recreate my whole calendar on their servers even that my calendar is hosted on my own personal server at home, that is ridiculous and that's only a small snippet posted there.
What about Tasks/Notes/Hub-Email(even work)/keyboard...

The amount of data transfered here would be too much if it would be transfered in a bug reporting case, but if that is the case in normal operation it is disgusting for an app-suite of a company telling me privacy in important.

I know "there is Google" , "the world is that way now" but this really freaks me out and AFAIK I have no opt-out on BlackBerry devices here.

I heared "Cobalts suite" have that Telemetry removed, perhaps I have to install unofficial suite then on my paid device.

[Invictus0]

My device is a Samsung S6, so I don't even have BlackBerry diagnostics installed. Ccl seems to be contacted regardless of that.

I'm using an app called Packet Capture on my S6 and I'm not seeing any app usage or telemetry data being sent through Hub+ Services. There's an initial connection to trial.blackberry.com with a list of apps I can access (a license check I assume) and subsequent calls to gmail when checking for email updates.

My Hub+ download is from Google Play and I have an active subscription, I'm assuming you're testing with your own apps?

[Cobalt232]

I've implemented tracing routines directly into the code. That's why I might see more data. Telemetry is buffering the behaviour data on the SD. It may not be sent immediately to the BlackBerry servers.

[Cobalt232]

I just updated the first post with more findings. Check out this link:
https://www.blackberry.com/app_inclu...ices_uiv1.prop

[paulwallace1234]

Not too fussed , although a option to turn off would be nice, for battery saving mainly.

[Cobalt232]

Telemetry data is also being collected in a F1 car to improve handling and performance. So why not do this in an app. Also, there is no personal data being transmitted.

I would say that it's acceptable.

[Invictus0]

I've implemented tracing routines directly into the code. That's why I might see more data. Telemetry is buffering the behaviour data on the SD. It may not be sent immediately to the BlackBerry servers.

Interesting, do you know what intervals the data might be sent at? I've been running the app since my last post and nothing's changed so far.

Not too fussed , although a option to turn off would be nice, for battery saving mainly.

Telemetry data is also being collected in a F1 car to improve handling and performance. So why not do this in an app. Also, there is no personal data being transmitted.

I would say that it's acceptable.

Yeah the data in OP is pretty basic (comparable to web analytics) and there's certainly nothing inherently wrong with telemetry. It would still be nice to know when it's actually sent and what control users have over it (if any).

[Invictus0]

I've implemented tracing routines directly into the code. That's why I might see more data. Telemetry is buffering the behaviour data on the SD. It may not be sent immediately to the BlackBerry servers.

Interesting, do you know what intervals the data might be sent at? I've been running the app since my last post and nothing's changed so far.

Not too fussed , although a option to turn off would be nice, for battery saving mainly.

Telemetry data is also being collected in a F1 car to improve handling and performance. So why not do this in an app. Also, there is no personal data being transmitted.

I would say that it's acceptable.

Yeah the data in OP is pretty basic (comparable to web analytics IMO) and there's certainly nothing inherently wrong with telemetry. It would still be nice to know when it's actually sent and what control users have over it (if any).

[chetmanley]

Telemetry data is also being collected in a F1 car to improve handling and performance. So why not do this in an app. Also, there is no personal data being transmitted.

I would say that it's acceptable.

Any idea what sort of data might be collected via the bb keyboard? The recent news regarding a free keyboard apps data collection makes this an area of interest I think.

The netguard App reported some strange connections being made by the bb keyboard, but maybe they were glitches in the firewall filtering?

Thanks again for your help

[Cobalt232]

I'm on vacation and will look into it when I'm back