Introduction
With increasing concerns about data privacy and security, it's essential to understand how applications handle data transmission. In this analysis, we aim to investigate whether Agora Convo AI collects or transmits data and, if so, where it sends it. To achieve this, we will capture and analyze network traffic using Wireshark on a MacBook with an iPhone connected via USB.
Setup and Methodology
Equipment Used:
- MacBook (macOS) and iPhone (iOS) connected via USB
- Wireshark (packet capture and analysis tool)
- MaxMind GeoIP Database (for IP geolocation analysis)
Steps to Capture Traffic:
- Install Wireshark: Ensure that Wireshark is installed on the MacBook.
- Enable Packet Capture: Select the appropriate network interface (USB or Wi-Fi, depending on how the iPhone is connected to the internet). Set up a Remote Virtual Interface (RVI) for the iPhone by executing the command below. To get the serial number, go to About This Mac > More Info > System Report > Hardware > USB > USB Tree, then look for your iPhone.
  rvictl -s [Device Serial Number]
- Verify RVI Interface in Wireshark: After setting up the RVI for your iPhone, open Wireshark and check that the interface rvi0 appears in the list of available capture interfaces. The presence of rvi0 in the list confirms that the iPhone's network traffic can now be monitored. To proceed, select rvi0 and start capturing packets to analyze network activity on the iPhone.
- Start Capturing Traffic: Filter on the IP address of the iPhone, then begin the packet capture before launching Agora Convo AI.
- Open Demo App of Agora Convo AI: Open the app and interact with it to generate network activity.
- Stop the Capture: After sufficient interaction, stop the capture in Wireshark.
- Analyze the Data: Use Wireshark’s filtering and analysis tools to inspect outbound connections, data destinations, and possible data collection patterns.
Steps to Use MaxMind for Geolocation:
- Download and Install MaxMind GeoIP Database: Obtain the latest GeoLite2 database from MaxMind’s official site.
- Configure Wireshark to Use MaxMind:
  - Go to Edit > Preferences > Name Resolution.
  - Enable the Use GeoIP Database option and select the downloaded database.
- Add GeoIP Columns:
  - Right-click on the Wireshark column header and select Column Preferences.
  - Add new columns for GeoIP Country, GeoIP City, and GeoIP Organization.
  - Map these to the appropriate GeoIP fields.
- Verify the Data: After configuring, examine the destination IP addresses to see their associated locations and companies.
Packet Inspection:
- DNS Requests: Identify the domains the app queries.
- Outbound Traffic: Analyze the IP addresses and domains receiving data.
- Protocol Usage: Determine whether the app uses secure (TLS/SSL) or unencrypted transmissions.
- Geolocation Analysis: Use MaxMind data to determine the physical location and company of destination servers.
Potential Indicators of Data Collection:
- Repeated requests to external servers.
- API calls sending user interactions or metadata.
- Unusual traffic spikes correlating with user activity.
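The Packet Inspection checks and the "repeated requests" indicator above can also be run over an exported capture. The following is an added example, not part of the original analysis: it assumes the capture was exported with tshark as tab-separated fields (command in the comment), uses constructed sample rows, and the function name summarize and the repeat threshold are illustrative choices.

```python
from collections import defaultdict

# Constructed sample, not from a real capture. Assumed export command:
#   tshark -r capture.pcapng -Y "ip.src == <iPhone IP>" -T fields \
#     -e frame.time_relative -e ip.dst -e tcp.dstport -e udp.dstport \
#     -e dns.qry.name -e tls.handshake.extensions_server_name -e frame.len
# Addresses are RFC 5737 documentation ranges; host names are placeholders.
SAMPLE = "\n".join([
    "0.10\t192.0.2.53\t\t53\tapi.example.test\t\t78",
    "0.25\t198.51.100.10\t443\t\t\tapi.example.test\t571",
    "0.90\t198.51.100.10\t443\t\t\t\t1400",
    "1.40\t203.0.113.7\t80\t\t\t\t420",
    "5.30\t198.51.100.10\t443\t\t\t\t1400",
    "truncated\trow",
])


def summarize(tsv_text, repeat_threshold=3):
    """Return (dns_names, per-destination summary) for outbound packets."""
    dns_names = set()
    dests = defaultdict(lambda: {"packets": 0, "bytes": 0, "ports": set(), "sni": set()})
    for line in tsv_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 7:
            continue  # skip truncated or malformed rows
        _t, dst, tcp_port, udp_port, qname, sni, length = fields
        if qname:
            # DNS query: record the name; the resolver is not an app endpoint
            dns_names.update(qname.split(","))
            continue
        if not dst or not length.isdigit():
            continue  # non-IPv4 frame or bad length
        d = dests[dst]
        d["packets"] += 1
        d["bytes"] += int(length)
        d["ports"].update(p for p in (tcp_port, udp_port) if p)
        d["sni"].update(s for s in sni.split(",") if s)
    for d in dests.values():
        # Heuristic labels only; Wireshark's own dissection is the authority
        d["transport"] = ("tls" if d["sni"] else
                          "cleartext-http-port" if "80" in d["ports"] else "unclassified")
        d["repeated"] = d["packets"] >= repeat_threshold
    return dns_names, dict(dests)


if __name__ == "__main__":
    names, summary = summarize(SAMPLE)
    print(sorted(names), summary)
```

Destinations labelled cleartext-http-port or unclassified are the ones to open in Wireshark first, since their payloads may be readable in the capture.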
Conclusion
By capturing and analyzing Agora Convo AI’s network traffic, we can determine if the app transmits user data and where it sends it. The integration of MaxMind's GeoIP database allows us to pinpoint the geographic locations and companies associated with destination servers, providing deeper insights into data routing. If any suspicious activity is detected, further investigation would be needed to ensure user privacy and security.