AirDroid Using Tencent Servers?

Search This thread
By:
Advanced…
TankedThomas

TankedThomas

Member
Sep 25, 2018
29
22
I've search for information on this but have found nothing so I thought I'd post my findings here and see if anyone has anything to add/correct.

I've been setting up firewall blocking on my router using ASUSWRT-Merlin with Skynet firewall. I decided to block a whole bunch of countries that I deemed unnecessary/risky for security, including China.
Turns out, blocking China prevents AirDroid from working - it can't even log in.
Checking the log shows a bunch of domains that Skynet is blocking (stat.airdroid.com, stat3.airdroid.com, stat-push.airdroid.com, us-east-7-data.airdroid.com, us-east-8-data.airdroid.com, srv3-clb.airdroid.com, id4-clb.airdroid.com; possibly others). Telling Skynet to unblock these domains results in it responding with "Element cannot be deleted from the set: it's not added" (i.e. they're not blocked).
Removing China from the blocked countries list allows AirDroid to work.

Now this is where things get interesting, and how I figured out the China-wide blocking was causing this issue. In the log file that Skynet stores on the inserted USB drive, "skynet.log", it shows the IPs that these connections were trying to make. All of them are owned by Tencent (there were two prominent ones, but the entire range beginning with "49.51." is owned by them) - specifically, these are for TencentCloud (I assume those are their cloud services, like Azure or AWS or such).
Also, the three MAC addresses dealing with the Tencent IPs are my Note 9, Galaxy Tab A8 and my MacBook - the only three devices on which I run AirDroid.

I'm sure most people won't really care on what servers AirDroid are hosting, but personally, I'd rather not have any connections made to or from Tencent IPs if possible, especially considering how often AirDroid appears to be phoning home. This worries me, especially since this doesn't appear to be public knowledge. The only inconsistency is that a whois lookup shows AirDroid's host is GoDaddy, so how exactly Tencent is involved, I'm not sure... but they are.

If I'm mistaken about this, please feel free to correct me - I'd be happy to be wrong, frankly -, but based on what I'm seeing and the blocking/unblocking I've tried, it appears, at least for now, that this is true.
Guess I'll have to start looking for an AirDroid alternative, because this is unacceptable to me.

Attached are some screenshots of my logs with MAC addresses and personal IPs redacted in case anyone is curious. Yes, I realise the dates are different - I didn't realise I'd screencapped yesterday from the log until after I had edited the images, but the data is pretty much identical to the data from today.
Best I can tell, the Tencent IPs definitely coincide with AirDroid trying to log in and authenticate (and failing at the time because China was still blocked).
 
  • Like
Reactions: Azazello, wasdroger and Horcza
TankedThomas

TankedThomas

Member
Sep 25, 2018
29
22
No problem. I'm glad someone found it useful. Nobody else seems to be talking about it, which bothers me.

If nothing else, Tencent's servers are being used for Airdroid's authentication servers.
 
W

wangdaning

Senior Member
Sep 17, 2012
1,624
704
Wuxi
Not sure why it is such an issue really? I mean it is not like other services that use servers tell me where they are routing anything. I would be more worried that there is basically no information about the company that runs the project.
 
TankedThomas

TankedThomas

Member
Sep 25, 2018
29
22
wangdaning said:
Not sure why it is such an issue really? I mean it is not like other services that use servers tell me where they are routing anything. I would be more worried that there is basically no information about the company that runs the project.
Click to expand...
Click to collapse

Because not every company routes your information through Chinese servers which, in this case, could have a large amount of access to your linked devices. Tencent is not a trustworthy company. This could potentially mean that, if they wanted to, the Chinese government could access a lot of your data through AirDroid.
Now, obviously that's not guaranteed, but I still wouldn't trust it.
Then again, there's a reason I try to stick to FOSS software as much as possible. AirDroid was convenient for a while but I don't use it now.

Besides, your reasoning for this not being "such an issue" is "others are shady too". That... doesn't actually make it any better. Plus we know that companies like Google, for example, mine your data anyway, whereas this seemingly innocuous application that I've seen readily recommended by many people is a lot more obfuscated (probably because it's a smaller app).
That, and I haven't found many apps and sites from personal usage that my firewall setup blocks, so this one absolutely stood out like a sore thumb.
I don't want anything to do with Tencent and I know other people feel the same way as me. More importantly, I shared the information to hopefully learn more and, more importantly, let other people know in case they care.
 
  • Like
  • Love
Reactions: AllanonMage and Azazello
W

wangdaning

Senior Member
Sep 17, 2012
1,624
704
Wuxi
TankedThomas said:
Because not every company routes your information through Chinese servers which, in this case, could have a large amount of access to your linked devices. Tencent is not a trustworthy company. This could potentially mean that, if they wanted to, the Chinese government could access a lot of your data through AirDroid.
Now, obviously that's not guaranteed, but I still wouldn't trust it.
Then again, there's a reason I try to stick to FOSS software as much as possible. AirDroid was convenient for a while but I don't use it now.

Besides, your reasoning for this not being "such an issue" is "others are shady too". That... doesn't actually make it any better. Plus we know that companies like Google, for example, mine your data anyway, whereas this seemingly innocuous application that I've seen readily recommended by many people is a lot more obfuscated (probably because it's a smaller app).
That, and I haven't found many apps and sites from personal usage that my firewall setup blocks, so this one absolutely stood out like a sore thumb.
I don't want anything to do with Tencent and I know other people feel the same way as me. More importantly, I shared the information to hopefully learn more and, more importantly, let other people know in case they care.
Click to expand...
Click to collapse

I would like to know what exactly makes tencent untrustworthy. I use them for banking daily, so would like to be informed.
 
TankedThomas

TankedThomas

Member
Sep 25, 2018
29
22
wangdaning said:
I would like to know what exactly makes tencent untrustworthy. I use them for banking daily, so would like to be informed.
Click to expand...
Click to collapse
The fact that they give your data to the Chinese government should be all you need to know to deem them untrustworthy - Tencent and similar companies collect a lot of your data (often illegally).
If you don't believe me, look it up - most of (if not all, though that has yet to be conclusively proven, but it's not much of a stretch) the tech giants in mainland China are in the pocket of the Chinese government.
Frankly, I value my privacy too much to deal with such a company, and using them for banking sounds like a bad idea to me.

Here are some sources that I pulled up quickly, but there's plenty more of these around the web:
https://www.wsj.com/articles/chinas...ping-the-government-see-everything-1512056284
https://www.scmp.com/tech/article/2...-your-data-when-you-use-chinese-messaging-app
https://fossbytes.com/xiaomi-and-tencent-illegal-data-collection-china/
https://freedomhouse.org/blog/worried-about-huawei-take-closer-look-tencent

The best they get is a slap on the wrist (and sometimes only for the sake of publicity), then they continue on with these practices.
And that's to say nothing of the censorship in which they engage.
 
  • Like
Reactions: AllanonMage and Azazello
W

wangdaning

Senior Member
Sep 17, 2012
1,624
704
Wuxi
TankedThomas said:
The fact that they give your data to the Chinese government should be all you need to know to deem them untrustworthy - Tencent and similar companies collect a lot of your data (often illegally).
If you don't believe me, look it up - most of (if not all, though that has yet to be conclusively proven, but it's not much of a stretch) the tech giants in mainland China are in the pocket of the Chinese government.
Frankly, I value my privacy too much to deal with such a company, and using them for banking sounds like a bad idea to me.

Here are some sources that I pulled up quickly, but there's plenty more of these around the web:
https://www.wsj.com/articles/chinas...ping-the-government-see-everything-1512056284
https://www.scmp.com/tech/article/2...-your-data-when-you-use-chinese-messaging-app
https://fossbytes.com/xiaomi-and-tencent-illegal-data-collection-china/
https://freedomhouse.org/blog/worried-about-huawei-take-closer-look-tencent

The best they get is a slap on the wrist (and sometimes only for the sake of publicity), then they continue on with these practices.
And that's to say nothing of the censorship in which they engage.
Click to expand...
Click to collapse

If privacy was your main concern you would never use an app that routes your data through a third party without encryption. It is clear your goal is to take a shot at a company that is not even in control of the app you are complaining about. Lets see, your news list says, Xiaomi, Huawei, Tencent, and Chinese. How interesting.

By all means protect your privacy. I know I do and I use all three companies and many more products from the country. I hate that tencent knows when I get a latte though :silly:
 
TankedThomas

TankedThomas

Member
Sep 25, 2018
29
22
wangdaning said:
If privacy was your main concern you would never use an app that routes your data through a third party without encryption. It is clear your goal is to take a shot at a company that is not even in control of the app you are complaining about. Lets see, your news list says, Xiaomi, Huawei, Tencent, and Chinese. How interesting.

By all means protect your privacy. I know I do and I use all three companies and many more products from the country. I hate that tencent knows when I get a latte though :silly:
Click to expand...
Click to collapse

It is clear your goal is to defend a bunch of Chinese companies known for handing data over to the Chinese government.

The fact that you are purposely trying to portray me in a specific way to fit your narrow-minded view instead of being concerned about how and where data goes (and for the record, I care about where my data goes in general, but most people around here are already well aware of where data for companies like Google and Apple goes, but not for an app like this) is frankly ridiculous.

If you don't care about this (which you clearly do not), then kindly leave this thread and don't return. I posted this thread to let people who despise Tencent and their business practices know about AirDroid's involvement, and to see if anyone had more information. I did NOT post this thread for you to come along and defend Tencent's honour. Enough garbage companies already do that, and they've added as much to the discussion of privacy as you have (i.e. absolutely nothing of value).
 
Last edited:
  • Like
Reactions: AllanonMage, Azazello and doggydog2
doggydog2

doggydog2

Senior Member
Jul 2, 2007
723
329
Samsung Galaxy Tab S4
Samsung Galaxy S10
Great concerns, for sure. Thanks for your input.
I tried the app, quickly isolating it from the WAN, and running with Xprivacy of course. Luckily, HTTPS local connection only is possible. I wouldn't sign up in this type of app and i wouldnt use the barcode reader to connect to WAN. Rendered LAN web app contacts chinese servers on the PC, but reviewing content it looked fine in a quick check.
The app seems chinese, it's giving me one notification bar in chinese, and rest of translations are chinglish. I don't say it's neccessarily wrong, i just want to know if this is an open source app to trust it. Otherwise, i will keep running it in strict LAN mode.

Now about the functionality, I like Synology/Windows like UI. So cool!
Contacts/Call log/messages/ringtones/apps work.
Mirroring and Camera worked once. There's some strange checkbox "Don't show again" to click on (?) in Mirroring settings which doesn't work. Update: Camera worked again once switching back to HTTP.
Files/Music/Pictures/Videos don't work at all, even the android app cannot see files. No clue why.
Notifications are shown again on HTTP, however they're not displayed by the browser AND they simply disappear later. No actions also. So unless you 're currently in the tab, you won't notice anything.

I struggle to find a use case for this.
* Mirroring isn't interactive - so together with Camera it's a very infrequent function to use. I'd rather have an interactive mirroring like MobilEdit (if i remember correctly), what a great app it was. Or a Dex type of desktop where you can really interact with the android.
* Messages is showing "SMS", which is something obsolete for me, using alt messenger with secure repository (not the standard unsafe android one). SMS and calls are dead to me long time ago, but i'd have been happy about possibility to reply a decade ago, definitely!
* The last resort is notifications, that'd save some time if implemented well, with history. But it's not.
* One more thing on my mind is ability to send APK to phone, ok.. but it's again a rare task, i wouldn't run this background service for this purpose if i can send the APK via bluetooth...
 
  • Like
Reactions: swift 512
S

starbright_

Senior Member
Apr 11, 2010
1,472
262
I look for an app that let me get rid of USB cable for sharing photos or musik between PC and phone.
Sorry if I didn't understood the whole elaboration, but isn't this not just a point to point connection? I wouldn't like that others have access to it.
Or is it about other services?
 
You must log in or register to reply here.

Similar threads

T
  • Locked
cracked airdroid or activation code?..
Replies
1
Views
47K
G
GuestK0087
sabrinamalei
  • Sticky
Welcome to AirDroid Forum Section + Forum Rules + Everything Else
Replies
10
Views
20K
A
android AirDroid
J
AirDroid... yet another like Remote Web Desktop
Replies
19
Views
15K
Aldreth
Aldreth
Anstar1992
  • Sticky
Teach AirDroid your own language!
Replies
3
Views
11K
hloirock
hloirock
NOMIOMI
[New App] AirDroid Lets Your Desktop Control Your Android Phone Over WiFi
Replies
25
Views
15K
N
ngocviet

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 3
    TankedThomas
    TankedThomas
    I've search for information on this but have found nothing so I thought I'd post my findings here and see if anyone has anything to add/correct.

    I've been setting up firewall blocking on my router using ASUSWRT-Merlin with Skynet firewall. I decided to block a whole bunch of countries that I deemed unnecessary/risky for security, including China.
    Turns out, blocking China prevents AirDroid from working - it can't even log in.
    Checking the log shows a bunch of domains that Skynet is blocking (stat.airdroid.com, stat3.airdroid.com, stat-push.airdroid.com, us-east-7-data.airdroid.com, us-east-8-data.airdroid.com, srv3-clb.airdroid.com, id4-clb.airdroid.com; possibly others). Telling Skynet to unblock these domains results in it responding with "Element cannot be deleted from the set: it's not added" (i.e. they're not blocked).
    Removing China from the blocked countries list allows AirDroid to work.

    Now this is where things get interesting, and how I figured out the China-wide blocking was causing this issue. In the log file that Skynet stores on the inserted USB drive, "skynet.log", it shows the IPs that these connections were trying to make. All of them are owned by Tencent (there were two prominent ones, but the entire range beginning with "49.51." is owned by them) - specifically, these are for TencentCloud (I assume those are their cloud services, like Azure or AWS or such).
    Also, the three MAC addresses dealing with the Tencent IPs are my Note 9, Galaxy Tab A8 and my MacBook - the only three devices on which I run AirDroid.

    I'm sure most people won't really care on what servers AirDroid are hosting, but personally, I'd rather not have any connections made to or from Tencent IPs if possible, especially considering how often AirDroid appears to be phoning home. This worries me, especially since this doesn't appear to be public knowledge. The only inconsistency is that a whois lookup shows AirDroid's host is GoDaddy, so how exactly Tencent is involved, I'm not sure... but they are.

    If I'm mistaken about this, please feel free to correct me - I'd be happy to be wrong, frankly -, but based on what I'm seeing and the blocking/unblocking I've tried, it appears, at least for now, that this is true.
    Guess I'll have to start looking for an AirDroid alternative, because this is unacceptable to me.

    Attached are some screenshots of my logs with MAC addresses and personal IPs redacted in case anyone is curious. Yes, I realise the dates are different - I didn't realise I'd screencapped yesterday from the log until after I had edited the images, but the data is pretty much identical to the data from today.
    Best I can tell, the Tencent IPs definitely coincide with AirDroid trying to log in and authenticate (and failing at the time because China was still blocked).
    View
    3
    TankedThomas
    TankedThomas
    wangdaning said:
    If privacy was your main concern you would never use an app that routes your data through a third party without encryption. It is clear your goal is to take a shot at a company that is not even in control of the app you are complaining about. Lets see, your news list says, Xiaomi, Huawei, Tencent, and Chinese. How interesting.

    By all means protect your privacy. I know I do and I use all three companies and many more products from the country. I hate that tencent knows when I get a latte though :silly:
    Click to expand...
    Click to collapse

    It is clear your goal is to defend a bunch of Chinese companies known for handing data over to the Chinese government.

    The fact that you are purposely trying to portray me in a specific way to fit your narrow-minded view instead of being concerned about how and where data goes (and for the record, I care about where my data goes in general, but most people around here are already well aware of where data for companies like Google and Apple goes, but not for an app like this) is frankly ridiculous.

    If you don't care about this (which you clearly do not), then kindly leave this thread and don't return. I posted this thread to let people who despise Tencent and their business practices know about AirDroid's involvement, and to see if anyone had more information. I did NOT post this thread for you to come along and defend Tencent's honour. Enough garbage companies already do that, and they've added as much to the discussion of privacy as you have (i.e. absolutely nothing of value).
    View
    2
    W
    wasdroger
    Thanks for this info, I was already having my doubts about Airdroid.
    View
    2
    TankedThomas
    TankedThomas
    wangdaning said:
    Not sure why it is such an issue really? I mean it is not like other services that use servers tell me where they are routing anything. I would be more worried that there is basically no information about the company that runs the project.
    Click to expand...
    Click to collapse

    Because not every company routes your information through Chinese servers which, in this case, could have a large amount of access to your linked devices. Tencent is not a trustworthy company. This could potentially mean that, if they wanted to, the Chinese government could access a lot of your data through AirDroid.
    Now, obviously that's not guaranteed, but I still wouldn't trust it.
    Then again, there's a reason I try to stick to FOSS software as much as possible. AirDroid was convenient for a while but I don't use it now.

    Besides, your reasoning for this not being "such an issue" is "others are shady too". That... doesn't actually make it any better. Plus we know that companies like Google, for example, mine your data anyway, whereas this seemingly innocuous application that I've seen readily recommended by many people is a lot more obfuscated (probably because it's a smaller app).
    That, and I haven't found many apps and sites from personal usage that my firewall setup blocks, so this one absolutely stood out like a sore thumb.
    I don't want anything to do with Tencent and I know other people feel the same way as me. More importantly, I shared the information to hopefully learn more and, more importantly, let other people know in case they care.
    View
    2
    TankedThomas
    TankedThomas
    wangdaning said:
    I would like to know what exactly makes tencent untrustworthy. I use them for banking daily, so would like to be informed.
    Click to expand...
    Click to collapse
    The fact that they give your data to the Chinese government should be all you need to know to deem them untrustworthy - Tencent and similar companies collect a lot of your data (often illegally).
    If you don't believe me, look it up - most of (if not all, though that has yet to be conclusively proven, but it's not much of a stretch) the tech giants in mainland China are in the pocket of the Chinese government.
    Frankly, I value my privacy too much to deal with such a company, and using them for banking sounds like a bad idea to me.

    Here are some sources that I pulled up quickly, but there's plenty more of these around the web:
    https://www.wsj.com/articles/chinas...ping-the-government-see-everything-1512056284
    https://www.scmp.com/tech/article/2...-your-data-when-you-use-chinese-messaging-app
    https://fossbytes.com/xiaomi-and-tencent-illegal-data-collection-china/
    https://freedomhouse.org/blog/worried-about-huawei-take-closer-look-tencent

    The best they get is a slap on the wrist (and sometimes only for the sake of publicity), then they continue on with these practices.
    And that's to say nothing of the censorship in which they engage.
    View

New posts