Closed norilana closed 1 year ago
Thanks, I'll take a closer look. But it will take a little while.
@hagezi
You can start by adding to aggressive lists that will likely interrupt device updates and personal use.
Telemetry fields should be added to all hagezi versions. api.omc.samsungdm.com samsung-directory.edge.hiyaapi.com sun-apps.sfr.com in.appcenter.ms pebed.dmevent.net apkrep.ff.avast.com
some of them are already blocked
Yes, and there are some system endpoints that are very likely to limit or break functionality. The report shows in detail what is being transferred. But just because the domains are in the report they are not blindly blockable. That's why I have to look at this very carefully and do some research. This is very time consuming.
I can't really imagine that much blockable is missing in Ultimate. But, who knows.
In Ultimate blocked:
capi.samsungcloud.com
gos-api.gos-gsp.io
dir-apis.samsungdm.com
sspapi-prd.samsungrs.com
sdk.pushmessage.samsung.com
app.tr.adjust.com
app.us.adjust.com
app.adjust.com
adjust.com
tracking.intl.miui.com
api.sec.intl.miui.com
api.ad.intl.xiaomi.com
fr.register.xmpush.global.xiaomi.com
find.api.micloud.xiaomi.net
data.mistat.xiaomi.com
sdkconfig.ad.intl.xiaomi.com
mcc.intl.inf.miui.com
servicesupport.hicloud.com
shepherd.sb.avast.com
mvconf.cloud.360safe.com
mclean.cloud.360safe.com
dmxleo.dailymotion.com
telemetry.api.swiftkey.com
in.appcenter.ms
esa-reg-eup.myoppo.com
DEAD domains:
configserverdre.platform.hicloud.com
eu-api.mcsvc.samsung.com
eu-rd.mcsvc.samsung.com
ifotaeu.realmemobile.com
ifotain.realmemobile.com
ifotasg.realmemobile.com
ifotaus.realmemobile.com
in-api.mcsvc.samsung.com
in-kaf.samsungknox.com
in-rd.mcsvc.samsung.com
sg-api.mcsvc.samsung.com
sg-kaf.samsungknox.com
sg-rd.mcsvc.samsung.com
Not blocked:
api.gras.samsungdm.com
api.omc.samsungdm.com
apkrep.ff.avast.com
dms.ospserver.net
eu-kaf.samsungknox.com
fota-cloud-dn.ospserver.net
global.market.xiaomi.com
ie-odc.samsungapps.com
moaps.tmo.net
pebed.dmevent.net
pinning-02.secb2b.com
query.hicloud.com
samsung-directory.edge.hiyaapi.com
sun-apps.sfr.com
update.intl.miui.com
us-api.mcsvc.samsung.com
us-kaf.samsungknox.com
us-rd.mcsvc.samsung.com
www.ospserver.net
Breaking:
api.gras.samsungdm.com
- Initial device setup wizard
api.omc.samsungdm.com
- Services/Device Settings
dms.ospserver.net / www.ospserver.net / fota-cloud-dn.ospserver.net
- Firmware Updates
eu-kaf.samsungknox.com / us-kaf.samsungknox.com
- Services/Knoxguard
global.market.xiaomi.com
- App updates
ie-odc.samsungapps.com
- App updates
pinning-02.secb2b.com
- Samsung Knox
query.hicloud.com
- Firmware Updates
samsung-directory.edge.hiyaapi.com
- Samsung Directory
update.intl.miui.com
- Firmware updates
*.mcsvc.samsung.com
- SmartThings - https://github.com/hagezi/dns-blocklists/issues/273
Blockable:
apkrep.ff.avast.com
- Logs app details when a new app is installed
moaps.tmo.net
- Log Events (enabler activated) Xiaomi
pebed.dmevent.net
- Advertisement
sun-apps.sfr.com
- Logs device telemetry
If they are already blocked sorry for disturbing I have no doubt that you will make the right analysis.
@hagezi Breaking:
api.gras.samsungdm.com
- Initial device setup wizard
It's weird, i literally can setup new galaxy device setup wizard without internet connection in the first and has no problem. Maybe this is a problem for old samsung phones?
@MagicalAlchemist May be, but can not test it. I have relied on research.
@hagezi what about blocking poll.gras.samsungdm.com ? Will this cause any breakage?
it appears together with report.gras.samsungdm.com
@MagicalAlchemist It belongs to package com.samsung.android.sdm.config
. Seems to be used for update config.
If api.sec.intl.miui.com is blocked, it cannot be updated the antivirus from Miui Security apk.
Which domain(s) should be blocked?
Samsung
api.omc.samsungdm.com samsung-directory.edge.hiyaapi.com sun-apps.sfr.com capi.samsungcloud.com gos-api.gos-gsp.io dir-apis.samsungdm.com api.gras.samsungdm.com pinning-02.secb2b.com eu-kaf.samsungknox.com sg-kaf.samsungknox.com us-kaf.samsungknox.com in-kaf.samsungknox.com sspapi-prd.samsungrs.com fota-cloud-dn.ospserver.net dms.ospserver.net sdk.pushmessage.samsung.com us-api.mcsvc.samsung.com sg-api.mcsvc.samsung.com eu-api.mcsvc.samsung.com in-api.mcsvc.samsung.com us-rd.mcsvc.samsung.com sg-rd.mcsvc.samsung.com eu-rd.mcsvc.samsung.com in-rd.mcsvc.samsung.com ie-odc.samsungapps.com app.tr.adjust.com app.us.adjust.com www.ospserver.net app.adjust.com adjust.com
XIAOMI
tracking.intl.miui.com api.sec.intl.miui.com api.ad.intl.xiaomi.com update.intl.miui.com fr.register.xmpush.global.xiaomi.com find.api.micloud.xiaomi.net data.mistat.xiaomi.com sdkconfig.ad.intl.xiaomi.com mcc.intl.inf.miui.com global.market.xiaomi.com moaps.tmo.net
HUAWEI
query.hicloud.com configserverdre.platform.hicloud.com servicesupport.hicloud.com shepherd.sb.avast.com apkrep.ff.avast.com mvconf.cloud.360safe.com mclean.cloud.360safe.com pebed.dmevent.net dmxleo.dailymotion.com telemetry.api.swiftkey.com in.appcenter.ms
REALME
esa-reg-eup.myoppo.com ifotaeu.realmemobile.com ifotaus.realmemobile.com ifotasg.realmemobile.com ifotain.realmemobile.com
Why should the domain(s) be blocked?
Mobile os telemetry possible logs or analytics data loader
https://www.scss.tcd.ie/doug.leith/pubs/additional_material_neversleepingears.pdf