|
It's been a while since I looked at it, but here's what I remember: In the UI, you can choose if the device should communicate to Chinese or US servers. Both of them are available under the boox.com domain, so I assume they are both controlled by the Chinese manufacturer. The device uses this to check for firmware upgrades, to sync notes, for their own book store and IIRC to send some basic usage statistics. As per firmware version 3.0 (v3.1 is current), this traffic was only partly encrypted. Besides this, the software seems to include some kind of Tencent SDK, which tries to contact Chinese servers quite aggressively, regardless of which setting you choose in the UI. The traffic is encrypted, so I couldn't figure out what it does. The servers seem to belong to Tencent's QQ service [1], so they supposedly use it for their on-device support feature. However, because the device tries to contact the servers immediately after startup, I assume it does some kind of analytics tracking as well. Blocking the service's domains on the DNS level doesn't work though, as the SDK will start to contact fixed IP addresses if DNS resolution fails. Luckily, all of this traffic can be blocked after rooting and installing a firewall (see my post above), since all of this is implemented under Android user ID 1000, which makes it easy to block in AFWall+. [1] https://en.wikipedia.org/wiki/Tencent_QQ |