This post is part 3 of a series that looks at how Android-based devices interact with Google in the background. In part 1 I analyzed what an Android device does if the user enters their Google login credentials and otherwise leaves the settings as they are. Part 2 then looked at what an ordinary user can do to reduce the exchange of data with Google. But even with all options turned off via the user interface there is still some interaction going on over encrypted connections. While encryption is obviously necessary to prevent eavesdropping, it also makes it impossible to see from the outside what kind of data is exchanged. So I was wondering whether there is a way to stop the device from talking to Google completely.
And indeed there is a way. During my research I noticed that, like most other Internet-based services, Google uses the Domain Name System (DNS) to resolve domain names such as www.google.com to the IP addresses that applications such as Google Talk, the Android Market, Maps, and calendar and address book sync use to talk to servers in the cloud. In practice, name resolution comes into play when a program opens a connection to a server by domain name. Before the server is contacted, the OS first sends a request to the DNS server in the network to get the IP address of the application server. By tapping into this process and handing the application the local loopback address instead of the server's IP address, the communication can be stopped: the connection attempt to 127.0.0.1 is simply refused, as long as nothing on the device itself is listening on that port. Obviously this should only happen for certain domain names, as otherwise web browsing and other services would stop working as well. Note that the trick only catches connections that are made by host name; an application that connects to a hard-coded IP address is not affected.
So how can the local loopback address be returned for certain domain names? If you control the DNS server that is used for a connection, the override can be configured on that external server. In most cases, however, there's no way to control the external DNS server: for cellular connections, Android does not offer the possibility to specify a DNS server manually, i.e. the network operator chooses which DNS server is used.
The second possibility is to intervene in the DNS resolver on the device itself. Since Android is based on Linux, its resolver always consults a file called "hosts" in the /etc directory (on Android a link to /system/etc) for local name resolution before it queries an external server. Usually the file only contains one entry:
127.0.0.1 loopback
By adding entries for the domain names of Google services, communication with those services can be prevented. Here's an example:
127.0.0.1 android.clients.google.com
127.0.0.1 mtalk.google.com
127.0.0.1 www.google.com
Matching is by exact host name, i.e. there are no wildcards, so every host name an application actually uses has to be listed. Depending on the manufacturer, additional lines are necessary to stop the phone from talking to HTC, Samsung or LG servers as well.
The problem with the hosts file is that it is located in a protected area, so the device has to be rooted first. How this is done depends on the model and the maker of the device. Once that is done and a terminal program such as "Terminal Emulator" has been installed to get to a shell (and a root shell has been obtained with su), the final obstacle is that the partition on which the /etc directory lives, /system, is mounted read-only. So before the file can be changed the partition has to be remounted writable. Here's the shell command to do that on a Samsung Galaxy S:
mount -oremount,rw /dev/block/st19 /system
On other devices /system may live on a different block device; the mount command without any options lists which one. After editing, the same command with ro instead of rw puts the partition back to read-only.
It takes quite some effort to stop the chatter of the background services, but depending on your privacy needs it's an effort well worth making. Every now and then, however, even I would like to use a Google service such as Maps; I just don't want my device to exchange data with Google all the time. To do that, the lines added to the hosts file have to be removed again (after making sure address book and calendar sync is still disabled in the settings). Perhaps that is something that should be automated…
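As an added example (not from the original post), here is a small shell script that automates the remount, edit, remount cycle so the blocking lines can be switched on and off from a root shell. It assumes a rooted device running it under su, that /etc points to /system/etc, that /system sits on /dev/block/st19 as on the Galaxy S above (adjust BLOCKDEV after checking mount), and that grep, printf, cp and cat are available, e.g. from busybox if the stock toolbox lacks them. The script tags every line it adds with a marker comment so that "off" removes exactly those lines and nothing else; the host name list is the one from the post and can be extended per vendor.

```shell
#!/system/bin/sh
# Added example (not from the original post): toggle the Google-blocking
# entries in the hosts file on and off from a root shell.
# Assumptions: the device is rooted and this runs under su; /etc is a link
# to /system/etc; /system sits on BLOCKDEV (check with a plain `mount`);
# grep, printf, cp and cat are available (busybox if the toolbox lacks them).

HOSTS="${HOSTS:-/system/etc/hosts}"
BLOCKDEV="${BLOCKDEV:-/dev/block/st19}"   # Samsung Galaxy S value from the post
MARK="# google-block"                     # '#' starts a comment in a hosts file,
                                          # so the resolver ignores the tag
# Host names to sink to loopback: the three from the post; extend per vendor
BLOCKED="${BLOCKED:-android.clients.google.com mtalk.google.com www.google.com}"

remount_system() {       # $1 is rw or ro
    mount -o "remount,$1" "$BLOCKDEV" /system
}

blocked_count() {        # number of lines this script has added to the hosts file
    grep -cF "$MARK" "$HOSTS" 2>/dev/null || true   # grep exits 1 on zero matches
}

add_entries() {          # append one loopback line per host name, skipping duplicates
    for h in $BLOCKED; do
        grep -qF "$h $MARK" "$HOSTS" && continue
        printf '127.0.0.1 %s %s\n' "$h" "$MARK" >> "$HOSTS"
    done
}

remove_entries() {       # delete only the tagged lines, leaving original entries alone
    tmp="$HOSTS.tmp"
    grep -vF "$MARK" "$HOSTS" > "$tmp" || true    # exit 1 just means nothing was left
    cat "$tmp" > "$HOSTS"                          # write in place: keeps owner and mode
    rm -f "$tmp"
}

block_google() {         # the procedure from the post, end to end
    [ -f "$HOSTS.bak" ] || cp "$HOSTS" "$HOSTS.bak"   # keep an untouched copy, once
    remount_system rw
    add_entries
    remount_system ro
}

unblock_google() {
    remount_system rw
    remove_entries
    remount_system ro
}

case "${1:-}" in
    on)     block_google ;;
    off)    unblock_google ;;
    status) echo "$(blocked_count) blocking line(s) in $HOSTS" ;;
    *)      echo "usage: $0 on|off|status" ;;
esac
```

Run it as "sh block-google.sh on" to add the entries and "off" to remove them again before using Maps; "status" shows how many tagged lines are currently present (the file name is just an assumption). The hosts file is rewritten in place with cat rather than replaced with mv so that its owner and permissions on /system survive, and /system is put back to read-only after every change.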
Great insight and clear explanation about how Google and its applications are integrated with each other.