Ever wonder just who your Android communicates with in the background? Perhaps you’re not as inquisitive (or paranoid) as I am, yet you should give this app a try anyway. What your Android device tells others, and who those others are, just might surprise or shock you!
Keep in mind that this app is essentially a beta program. On the GooglePlay site it is labelled as being a ‘public preview’. What that means is that this is a release for you to try out, see what you like and don’t like, and hopefully you’ll give some considerate constructive criticism to viaForensics so they can make it better. Like I said – beta. Now that you know that, you’ll also know to not pay too much attention to the few low ratings for the app. A few people glossed over the part about it being a preview and expected it to be fully developed and flawless.
As soon as I started viaProtect, it asked me if I wanted to register or use it as a guest. Registering is free and gives you a lot additional features and information through the web interface. I recommend registering.
The flat design, easy to read and understand navigation, and immediate risk assessment made me think this was a well-thought out application. Very good first impression, especially for a beta.
Initial Risk Assessment Screen
The first full screen you encounter is the Risk Report. The design is flat, easy to read, and doesn’t require trying to figure out security jargon. That’s a big plus. On my device it said that my Android was at minimal risk. Right under the rating, there’s a button labelled Learn more (sic).
When I clicked on that, I got a more detailed breakdown of the factors that make up the risk rating: Passcode, Debugging enabled (sic), Unvalidated Apps, Operating System, Jailbreak/Root status (sic), and Last Checkin (sic). All those sics you just read mean that’s exactly what the app reads, even if it is grammatically, or stylistically, incorrect.
I don’t have a passcode on my Android and that earned me a Severe rating. Having debugging enabled and being able to install unvalidated apps earned me a Moderate rating on each of those factors. Having the operating system up to date, not having rooted my Android, and having recently checked in with viaProtect earned me Low ratings in those factors. All of those averaged out to the Low Risk rating. By tapping on those factors that were rated as severe or moderate, I got suggestions on how to remedy the problems.
Obviously, adding a passcode, and disabling debugging and the ability to install unverified apps would take care of my risks. If you find yourself in the same situation, you should most likely follow the advice. For the app testing that I do, I need to have debugging enabled and the ability to install unverified apps. It’s a risk I can live with.
I don’t recommend rooting your Android device, even though it may be convenient to do so. Remember, convenience always comes at a cost. In this case, the cost is lowered Android security.
Personalized Report Details
Upon tapping this button, I was presented with a screen that shows the top 10 organizations that my Android communicated with today. Optionally, I could see the roundup for the last week or even month. The list of organizations didn’t surprise me – Google, Amazon, and Facebook were all in the mix. The other organizations are specific to apps I know I run, and my service provider. What I would like to see here is the ability to click on an organization name to see exactly what apps are making these connections.
You can find that information on the viaProtect website though. The web site allowed me to drill down and see what apps were talking to which organizations. I could also drill down to the individual app and see very specific information, including other destination countries and the different IP addresses to which it has connected, and when it last connected to that IP address. You might not even be aware that an app is talking to another server or aware of what kind of information it is sending. That’s why it’s always important to understand what permissions an Android app wants.
On the Countries page, I saw which countries my Android was communicating with. I could see these summaries based on today’s traffic or traffic from the past 7 days, or past 30 days. Not surprisingly, the USA and Canada were the top two, but I was surprised at Ireland and China being in the list. Seeing my phone talking to China always makes me a little nervous about security. Like the Organization page, I would like to be able to click on the countries listed to see which apps, specifically, were talking to these countries.
Just like with Organization, you can drill deeper into the Countries information on the website. When I drilled into China, I saw that some Google apps, Knox, MightyText, root, and viaProtect had been accessing IPs that viaProtect showed as being in China. I dug a little deeper and found that all the IPs that these apps accessed that were supposedly in China, are actually owned by Google and are functioning out of California. So there’s a little room for improvement in viaProtect on this feature.
The Encrypted Traffic page was a bit more interesting to me than the other pages. Once more, just like the other pages, I could view stats for today, the past 7 days, or the past 30 days.
I was pleasantly surprised by just how much of my traffic was encrypted. Sixty-nine percent of the traffic was encrypted, fourteen percent unencrypted, and seventeen percent unknown. You might wonder how the app could not know if traffic was encrypted or not. The apps creating that traffic may use a proprietary communication protocol, or a type that just isn’t recognized by the viaProtect app just yet. Once more, I would like to be able to click on the different categories and see what apps were responsible for the different types of traffic. I’d also like to see what type of encryption each app used. As a sidenote, you should encrypt all the data on your Android device anyway.
Of course, just like the other categories, the viaProtect website allows you to drill down through this information for the details. I’d like to see all this drilling down be available right in the app. It would make things much simpler when I’m not near a laptop. Through the web application, I found out that some of the protocols that were unknown to the Android app were protocols such as Apple Push and Google Play. When I drilled down into the unknown protocols segment, there wasn’t any information about what applications were using unknown protocols. Perhaps this is just another thing to mark up to it being a beta. The picture below shows a few of the applications that are using the http protocol.
I got to the Sensors screen by tapping on the viaProtect icon in the top-left of the screen, then tapping on the Sensors icon. Here, I could see what sensors on my device viaProtect was gathering data from, and how often.
If you want to force an update of the info from any of the sensors, just give it a long tap. You’ll see a little pop-up telling you that the task has been completed.
A lot of this might not matter to you , but if you are an advanced Android user, you can go on your viaProtect website and adjust what sensors are used and how they are used. Mostly, tweaking these is done to conserve battery and data usage. Sensors in green are ones that are currently enabled, and sensors in red are currently disabled. At the end of the sensor bar you can see that there is an Android logo, an Apple logo, and sometimes both. That’s there to tell you what sensors are available for each platform. Yes, viaProtect is available on the iOS platform as well.
ViaForensics has done a good job of putting together pretty extensive help for viaProtect on the website. I could start with the Quick Start guide and go from there to learn pretty much anything I’d want to know about viaProtect.
If you can’t find the answeryou’re looking for, you can also ask a public question, or do a search, in the Support Portal. Of course, they also have a presence on Twitter, Google+, Facebook, and LinkedIn. Pretty impressive for an app that’s currently in beta and free.
This app has a big future in front of it. Any hype you may have read on other websites is pretty accurate. If you have any concerns about security and communications with your Android device, I recommend getting on this bandwagon sooner than later.
Have you installed viaProtect? What do you think about it? Do you know of any other Android apps that help you figure out who your device is communicating with? Answers to these questions and more are always welcomed in our comments section.