relikd/appchk-web
1
0
Fork 0
Code Issues Pull Requests Releases Activity
Files
6e0b2f206ba993290deedb556a6a0fd1d7bb960d
appchk-web/templates/root.html
relikd 6e0b2f206b Change github URL
2021-03-26 17:01:05 +01:00

104 lines
4.3 KiB
HTML
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<h2>Research Project</h2>
<div class="squeeze">
<p>
The appchk research project is an effort to shine a light on the background activity of iOS apps, making the otherwise hidden network connections visible to everyone.
The goal is to make privacy more accessible to the general public.
And thus create incentives for app developers to respect users privacy.
</p>
<p>
We want to offer users, activists, data protection authorities, and data protection officers an easily accessible and flexible tool to assess the privacy measures of iOS applications.
</p>
<span>appchk allows users to:</span>
<ul>
<li>get a visual overview of an apps communication signature</li>
<li>assess how an app ranks within its peer group or category</li>
<li>influence the ranking according to their preferences</li>
</ul>
</div>
<h2>Results</h2>
<div class="squeeze">
<p>
This website is the front-end of the evaluated data.
All app recordings are collected and displayed here.
Visually, it shows you how many known trackers an app uses.
How apps compare to each other, and if there are privacy-friendly alternatives.
</p>
<p>
You can go to <a href="/index/apps/">all apps</a> directly.
Or, if youre interested in details, check the <a href="/results/">results section</a>.
</p>
</div>
<h2>appchk The App</h2>
<p class="squeeze">
appchk is a pocket DNS monitor and network filter.<br>
It helps you identify applications that communicate with other parties.
</p>
<div class="xscroll">
<div class="carousel">
<img src="static/screenshot1.png" height="400">
<img src="static/screenshot2.png" height="400">
<img src="static/screenshot3.png" height="400">
</div>
</div>
<h3>How does it work?</h3>
<p class="squeeze">
appchk creates a local VPN proxy to intercept all network connections.
For each connection, appchk looks into the DNS headers only, namely the domain names.
These domain names are logged in the background while the VPN is running.
appchk does not need to be active all the time.
</p>
<h3>What about privacy?</h3>
<p class="squeeze">
Your data belongs to you.
Therefore, monitoring takes place on your device only.
appchk learns only the destination addresses, not the actual data that is exchanged.
The app does not share any data with us or any other third-party unless you choose to.
</p>
<h3>How can I contribute?</h3>
<p class="squeeze">
appchk allows you to record app-specific activity.
You can share these recordings with the community; it can help you and others avoid phony applications, even before you install an app.
</p>
<a id="get-appcheck" class="no-ul" href="https://testflight.apple.com/join/9jjaFeHO" target="_blank">
<img class="app-icon" src="/static/appchk.svg" alt="app-icon" width="30" height="30">
<p>
Get the iOS App and contribute.<br />
Join the TestFlight Beta.
</p>
</a>
<p class="snd mg_lr">
Source code is available <a href="https://github.com/ubapsi/appchk-app" target="_blank">on GitHub</a>.
</p>
<h2>Limitations</h2>
<div class="squeeze">
<p>
Due to the network extensions technical limitations, appchk can not detect if a network activity belongs to one app or another.
It may result in wrong attributions.
The attributions can be minimized by running only a single application during recording and filter results before contributing.
The evaluation website will ignore requests that appear only in a small subset of recordings.
</p>
<p>
This project is limited to <b>iOS applications</b>.
But there are similar projects for Android apps and websites.
Check these out:
</p>
<p>
&gt; <i><a href="https://github.com/OxfordHCC/tracker-control-android" target="_blank">TrackerControl</a></i> is an Android application that detects and prevents in-app tracking.
It uses the same approach as appchk does.
Analyzing DNS traffic on device with a local VPN extension.
</p>
<p>
&gt; <i><a href="https://privacyscore.org/" target="_blank">PrivacyScore.org</a></i> is a tool to analyze websites.
It allows you to create lists for comparison and ranking.
Not only does it show you how much tracking is present in a given website.
It also gives you a report on technical security and privacy measures.
This way you can evaluate related websites and choose the one with greater privacy benefits.
</p>
</div>
Reference in New Issue View Git Blame Copy Permalink