Android Security

Is Your Android Leaking Information? Check With ViaProtect

Guy McDowell 08-05-2014

Ever wonder just who your Android communicates with in the background? Perhaps you’re not as inquisitive (or paranoid) as I am, yet you should give this app a try anyway. What your Android device tells others, and who those others are, just might surprise or shock you!


The primary goal of the viaProtect app, developed by the fine folks at viaForensics, is to take away any shocks.

Keep in mind that this app is essentially a beta program. On the GooglePlay site it is labelled as being a ‘public preview’. What that means is that this is a release for you to try out, see what you like and don’t like, and hopefully you’ll give some considerate constructive criticism to viaForensics so they can make it better. Like I said – beta. Now that you know that, you’ll also know to not pay too much attention to the few low ratings for the app. A few people glossed over the part about it being a preview and expected it to be fully developed and flawless.

First Impression

As soon as I started viaProtect, it asked me if I wanted to register or use it as a guest. Registering is free and gives you a lot additional features and information through the web interface. I recommend registering.


The flat design, easy to read and understand navigation, and immediate risk assessment made me think this was a well-thought out application. Very good first impression, especially for a beta.


Initial Risk Assessment Screen

The first full screen you encounter is the Risk Report. The design is flat, easy to read, and doesn’t require trying to figure out security jargon. That’s a big plus. On my device it said that my Android was at minimal risk. Right under the rating, there’s a button labelled Learn more (sic).


When I clicked on that, I got a more detailed breakdown of the factors that make up the risk rating: Passcode, Debugging enabled (sic), Unvalidated Apps, Operating System, Jailbreak/Root status (sic), and Last Checkin (sic). All those sics you just read mean that’s exactly what the app reads, even if it is grammatically, or stylistically, incorrect.

I don’t have a passcode on my Android and that earned me a Severe rating. Having debugging enabled and being able to install unvalidated apps earned me a Moderate rating on each of those factors.  Having the operating system up to date, not having rooted my Android, and having recently checked in with viaProtect earned me Low ratings in those factors. All of those averaged out to the Low Risk rating. By tapping on those factors that were rated as severe or moderate, I got suggestions on how to remedy the problems.



Obviously, adding a passcode, and disabling debugging and the ability to install unverified apps would take care of my risks. If you find yourself in the same situation, you should most likely follow the advice. For the app testing that I do, I need to have debugging enabled and the ability to install unverified apps. It’s a risk I can live with.

I don’t recommend rooting your Android device, even though it may be convenient to do so. Remember, convenience always comes at  a cost. In this case, the cost is lowered Android security.

Personalized Report Details


Upon tapping this button, I was presented with a screen that shows the top 10 organizations that my Android communicated with today. Optionally, I could see the roundup for the last week or even month. The list of organizations didn’t surprise me – Google, Amazon, and Facebook were all in the mix. The other organizations are specific to apps I know I run, and my service provider.  What I would like to see here is the ability to click on an organization name to see exactly what apps are making these connections.



You can find that information on the viaProtect website though. The web site allowed me to drill down and see what apps were talking to which organizations. I could also drill down to the individual app and see very specific information, including other destination countries and the different IP addresses to which it has connected, and when it last connected to that IP address. You might not even be aware that an app is talking to another server or aware of what kind of information it is sending. That’s why it’s always important to understand what permissions an Android app wants How Android App Permissions Work and Why You Should Care Android forces apps to declare the permissions they require when they install them. You can protect your privacy, security, and cell phone bill by paying attention to permissions when installing apps – although many users... Read More .



On the Countries page, I saw which countries my Android was communicating with. I could see these summaries based on today’s traffic or traffic from the past 7 days, or past 30 days. Not surprisingly, the USA and Canada were the top two, but I was surprised at Ireland and China being in the list. Seeing my phone talking to China always makes me a little nervous about security. Like the Organization page, I would like to be able to click on the countries listed to see which apps, specifically, were talking to these countries.



Just like with Organization, you can drill deeper into the Countries information on the website. When I drilled into China, I saw that some Google apps, Knox, MightyText Make And Monitor Your Phone Text Messages With MightyText For Chrome It's a little more "instant" than e-mail but not as intrusive as a phone call. It's convenient, but it's not annoying if managed right. And most of all, it's one of the most highly addictive... Read More , root, and viaProtect had been accessing IPs that viaProtect showed as being in China. I dug a little deeper and found that all the IPs that these apps accessed that were supposedly in China, are actually owned by Google and are functioning out of California. So there’s a little room for improvement in viaProtect on this feature.


Encrypted Traffic

The Encrypted Traffic page was a bit more interesting to me than the other pages. Once more, just like the other pages, I could view stats for today, the past 7 days, or the past 30 days.

I was pleasantly surprised by just how much of my traffic was encrypted. Sixty-nine percent of the traffic was encrypted, fourteen percent unencrypted, and seventeen percent unknown. You might wonder how the app could not know if traffic was encrypted or not. The apps creating that traffic may use a proprietary communication protocol, or a type that just isn’t recognized by the viaProtect app just yet. Once more, I would like to be able to click on the different categories and see what apps were responsible for the different types of traffic. I’d also like to see what type of encryption each app used. As a sidenote, you should encrypt all the data on your Android How To Encrypt Data on Your Smartphone With the Prism-Verizon scandal, what allegedly has been happening is that the United States of America's National Security Agency (NSA) has been data mining. That is, they have been going through the call records of... Read More device anyway.


Of course, just like the other categories, the viaProtect website allows you to drill down through this information for the details. I’d like to see all this drilling down be available right in the app. It would make things much simpler when I’m not near a laptop. Through the web application, I found out that some of the protocols that were unknown to the Android app were protocols such as Apple Push and Google Play. When I drilled down into the unknown protocols segment, there wasn’t any information about what applications were using unknown protocols. Perhaps this is just another thing to mark up to it being a beta. The picture below shows a few of the applications that are using the http protocol.


Other Features


I got to the Sensors screen by tapping on the viaProtect icon in the top-left of the screen, then tapping on the Sensors icon. Here, I could see what sensors on my device viaProtect was gathering data from, and how often.

If you want to force an update of the info from any of the sensors, just give it a long tap. You’ll see a little pop-up telling you that the task has been completed.


A lot of this might not matter to you , but if you are an advanced Android user, you can go on your viaProtect website and adjust what sensors are used and how they are used. Mostly, tweaking these is done to conserve battery and data usage. Sensors in green are ones that are currently enabled, and sensors in red are currently disabled. At the end of the sensor bar you can see that there is an Android logo, an Apple logo, and sometimes both. That’s there to tell you what sensors are available for each platform. Yes, viaProtect is available on the iOS platform as well.


Online Help

ViaForensics has done a good job of putting together pretty extensive help for viaProtect on the website. I could start with the Quick Start guide and go from there to learn pretty much anything I’d want to know about viaProtect.


If you can’t find the answeryou’re looking for, you can also ask a public question, or do a search, in the Support Portal. Of course, they also have a presence on Twitter, Google+, Facebook, and LinkedIn. Pretty impressive for an app that’s currently in beta and free.

In Conclusion

This app has a big future in front of it. Any hype you may have read on other websites is pretty accurate. If you have any concerns about security and communications with your Android device, I recommend getting on this bandwagon sooner than later.

Have you installed viaProtect? What do you think about it? Do you know of any other Android apps that help you figure out who your device is communicating with? Answers to these questions and more are always welcomed in our comments section.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Guy M
    May 10, 2014 at 5:44 pm

    Wouldn't surprise me if that's something viaProtect eventually does.

  2. Don Gateley
    May 9, 2014 at 5:50 pm

    I'm awaiting the app that tells me what apps are accessing the mic, camera, SMS, contacts, location and the rest with real time notification of the occurrence and the ability block the access. I'm expecting John McAffee to release that as part of his DCentral app if Google hasn't made that technically impossible.