John Floren

Home | Blog | Tools
Back to blog archive

Posted 2021/2/18

Unidentified Android Telemetry

Some application on my Android device is beaconing out to tls.telemetry.swe.quicinc.com, a Qualcomm domain, as shown in the Gravwell screenshot below.

What’s doing it? I don’t know, it’s an Android phone, a Moto G Power to be specific; I have no introspection capability.

Luckily, I’ve got CoreDNS running with a cron job to pull down an updated list of bad domains (see github.com/StevenBlack/hosts), so as you can see it’s getting blackholed. Still, it’s shit like this that makes me really want the Pinephone to succeed.