Arshad Mehmood

Software engineer for web and mobile. M.Sc. Business Informatics, University of Mannheim.

1 minute read

Es File Explorer File Manager was one the best File managers for Android for the past few years. But they have definitely killed the goose that layed the golden eggs, by adding ads to users lockscreens, without their consent and by tracking users, with their indirect consent(as mentioned in their privacy policy).

I am an Android developer and while developing one of my apps, I noticed that Android device got slow recently and I was getting lots of error messages on the logcat console in Android studio. At first, I thought the errors are from my app, but later I found out that they are from Es File Explorer, I decided to investigate further. I saw that Es File Explorer is constantly tracking and sending data to their servers in the background.

Tracking

Here is one the decoded request:

http://www.estrongs.com/console/service/sample/index.php?source=ESF&country=us&unique_id=LORIC6gwj4Ixo9Ce2Orl6g==&check_modify=1&modify_key=21_1447826873|24_1444888709|25_1448439534|35_1446794822|42_1442904834|46_1442558032|48_1445226105|50_1450087570|51_1441621473|52_1443090887|53_1442562425|54_1443581547|55_1462794043|56_1442907274|57_1448041476|58_1444714745|60_1448041589|64_1446647287|66_1444967946|69_1450257313|71_1446232444|73_1446229808|74_1446727398|75_1448612592|76_1477034790|80_1448532222|81_1448253005|82_1448532227|83_1448036242|84_1449208436|96_1448629534|97_1448629528|104_1450085875|105_1450061735|106_1450061725|107_1450094597|114_1450950870|115_1450950905|116_1451373200|124_1457064606|45

Apparently, LORIC6gwj4Ixo9Ce2Orl6g is my unique id for background tracking. The other keys are encrypted and I don’t know what data is being sent. I had not opened the app for a long time, and also didn’t update the app, which explains the errors because the web api links for tracking were not working.

Along with that, I saw that it is also requesting, connection info and location data.

Tracking

Not only that, the adwares in Es File Explorer are also running in the background and tracking you, the ones which I saw in logcat are DuSwipe and Appsflyer. They would be generating lots of data by tracking their 300 Million users. I am not a security expert but, I found out that they are monitoring me in the background, without telling me, I have uninstalled their app.

Here is the log file with filter for `Estrong.

Support me with ETH: 0x681a83007bC52C0bF42B41263Dc498f9Ef7af02A

Leave a comment

You may also enjoy

Big O Notation Cheatsheet in Landscape PDF

less than 1 minute read

Big-O cheat sheet already provides a PDF, but its not good enough for me and also not in Landscape mode. So, I made a better one which you can download below:

How to use Arduino mega as a USB TTL Adapter

less than 1 minute read

Using any Arduino as a USB to TTL Adapter is very easy. Just need to connect the reset pin with grnd pin to bypass the ATmega chip. The Rx and Tx pins can th...