• The 8232 Project@lemmy.ml
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    13 days ago

    After getting the crash issue resolved (it is now fixed), I tested this to see how it behaves by using PCAPdroid. I also attempted to decrypt the traffic, to see what it sends.

    This is the traffic analysis:

    Type Port IP version Size Status
    DNS 53 IPv4 Random >120 B Closed (Good)
    TLS 443 IPv6 120 B Unreachable
    HTTPS 443 IPv4 Usually 2.4 KB Error (Did not trust my decryption certificate)

    It sends to a random list of hosts, all of which are listed here:

    https://4chan.org/

    https://www.reddit.com/

    https://www.yahoo.com/

    https://www.cnn.com/

    https://pornhub.com/

    https://www.ebay.com/

    https://wikipedia.org/

    https://youtube.com/

    https://github.com/

    https://medium.com/

    https://thepiratebay.org/

    After digging through the code, here is the file with a list of hosts. It also seems to randomly generate user agents, which is good.

    The developer blocked me from opening issues on all of his projects.

    • x00z@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      12 days ago

      Maybe you need 2FA on your GitHub account before you can do that. GitHub has made it a requirement for almost all the “dev” stuff.

    • tekato@lemmy.world
      link
      fedilink
      arrow-up
      7
      ·
      13 days ago

      From the repo:

      A random DNS and HTTPS internet traffic noise generator provides enhanced privacy and security by obfuscating users’ online activities. It generates random, non-user-initiated queries to DNS servers and encrypted HTTPS connections, making it difficult for third parties such as ISPs, surveillance systems, or malicious actors to analyze and track actual browsing patterns. This added layer of traffic noise reduces the effectiveness of traffic analysis and profiling techniques, making it harder to identify specific behaviors, websites, or services accessed by the user.

      Technically, even if your data is encrypted, the amount of data you send (and the time between packets) can be analyzed to at the very least figure out what website you’re on, and who knows what else (i.e. Youtube’s HTML, CSS, and JS files will be different than Facebook’s, so the amount of data sent will be different, and you can train an AI to recognize these patterns). This app pretty much it protects you against packet analysis from your ISP or anyone else who could monitor your network. I guess this assumes that you’re using a VPN or some sort of proxy since it’s not very useful otherwise.