Posted 2021/2/18
Unidentified Android Telemetry
Some application on my Android device is beaconing out to tls.telemetry.swe.quicinc.com, a Qualcomm domain, as shown in the Gravwell screenshot below.
What’s doing it? I don’t know, it’s an Android phone, a Moto G Power to be specific; I have no introspection capability.
Luckily, I’ve got CoreDNS running with a cron job to pull down an updated list of bad domains (see github.com/StevenBlack/hosts), so as you can see it’s getting blackholed. Still, it’s shit like this that makes me really want the Pinephone to succeed.