FORUMS
Remove All Ads from XDA

AirDroid Using Tencent Servers?

15 posts
Thanks Meter: 5
 
By TankedThomas, Junior Member on 8th August 2019, 09:18 AM
Post Reply Email Thread
I've search for information on this but have found nothing so I thought I'd post my findings here and see if anyone has anything to add/correct.

I've been setting up firewall blocking on my router using ASUSWRT-Merlin with Skynet firewall. I decided to block a whole bunch of countries that I deemed unnecessary/risky for security, including China.
Turns out, blocking China prevents AirDroid from working - it can't even log in.
Checking the log shows a bunch of domains that Skynet is blocking (stat.airdroid.com, stat3.airdroid.com, stat-push.airdroid.com, us-east-7-data.airdroid.com, us-east-8-data.airdroid.com, srv3-clb.airdroid.com, id4-clb.airdroid.com; possibly others). Telling Skynet to unblock these domains results in it responding with "Element cannot be deleted from the set: it's not added" (i.e. they're not blocked).
Removing China from the blocked countries list allows AirDroid to work.

Now this is where things get interesting, and how I figured out the China-wide blocking was causing this issue. In the log file that Skynet stores on the inserted USB drive, "skynet.log", it shows the IPs that these connections were trying to make. All of them are owned by Tencent (there were two prominent ones, but the entire range beginning with "49.51." is owned by them) - specifically, these are for TencentCloud (I assume those are their cloud services, like Azure or AWS or such).
Also, the three MAC addresses dealing with the Tencent IPs are my Note 9, Galaxy Tab A8 and my MacBook - the only three devices on which I run AirDroid.

I'm sure most people won't really care on what servers AirDroid are hosting, but personally, I'd rather not have any connections made to or from Tencent IPs if possible, especially considering how often AirDroid appears to be phoning home. This worries me, especially since this doesn't appear to be public knowledge. The only inconsistency is that a whois lookup shows AirDroid's host is GoDaddy, so how exactly Tencent is involved, I'm not sure... but they are.

If I'm mistaken about this, please feel free to correct me - I'd be happy to be wrong, frankly -, but based on what I'm seeing and the blocking/unblocking I've tried, it appears, at least for now, that this is true.
Guess I'll have to start looking for an AirDroid alternative, because this is unacceptable to me.

Attached are some screenshots of my logs with MAC addresses and personal IPs redacted in case anyone is curious. Yes, I realise the dates are different - I didn't realise I'd screencapped yesterday from the log until after I had edited the images, but the data is pretty much identical to the data from today.
Best I can tell, the Tencent IPs definitely coincide with AirDroid trying to log in and authenticate (and failing at the time because China was still blocked).
Attached Thumbnails
Click image for larger version

Name:	Screen Shot 2019-08-08 at 7.13.58 PM.png
Views:	26
Size:	114.3 KB
ID:	4803283   Click image for larger version

Name:	Screen Shot 2019-08-08 at 7.12.54 PM.jpg
Views:	24
Size:	271.3 KB
ID:	4803284   Click image for larger version

Name:	Screen Shot 2019-08-08 at 7.14.41 PM.png
Views:	22
Size:	241.4 KB
ID:	4803285  
 
 
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes