Regarding Android OS leak.
I installed Network Log app just to see if I can investigate this further and it turned out that all the leaks happen during the start up.
Android OS does not pass the Afwall after the start up.
I have Nexus 4 and have "fix Device Start Rules" checked
Edit: Android OS DOES pass Afwall after start up. So does Root.
Edit 2: I have to start all over again because I did not have the correct settings in Network Log. It showed all attempted transmissions. Now I have it on the transmissions that do pass the firewall. My bad. I will report my results.
Edit 3: Network Log no longer registers any trafic through Afwall but again that don't mean anything because by the time it gets loaded at start up the damage has already been done.
I am assuming that All the leaking happens during the start up. Sorry for the useless post....
I will let you know if Network Log will catch any Android OS leaks while the phone is up and running
Edit 4: While Data traffic in the phone settings shows the Android OS has used 5 KB after the start up, Network Log shows no leaks through the Firewall. i can not assume that phone setting is showing the attempted and the actual traffic because if that was the case then it should show all other apps attempted which it is not...
Started Maps which could not connect because it is blocked in AFwall. The phone settings says that maps has transmitted 572 KB of data but network Log says that it has not transmitted any data.
started the browser which is allowed by AFwall and Network log reported it along with the root and the kernel accessing the internet.
Is the data usage in the phone settings showing all attempted and successful access?