Blabber.im contacting Google and Department of Defense

Hi,

I have been cleaning my phone from Google/Xiaomi related stuff and is mostly using apps downloaded from F-droid. I´ve kept an eye on which apps has been using the Internet and where they go. A few weeks ago I finally felt happy that all unnecessary communication had been stopped and it´s been fine for some time. Now I discover that in the middle of the night while sleeping Blabber.im got extremely active, Blabber.im has been busy trying to connect to Google LLC, Department of Defense, VeriSign, WIDE project, Cogent Communications, NETNOD, USAIC, University of Maryland and others.

And I only have 3 persons in my XMPP network, that are only connected to each other. None have anybody else on their contact list.

Now I´m new to XMPP and have no clue if this can be because of the federated nature of the network.

Hope for some insights.

Best regards,
Frederik

root-servers.net are the root DNS servers of the internet. If your DNS server doesn’t have the info cached, you may end up talking to them.

An example: you want to connect to blabber.im, but you don’t have it in your cache. You also don’t know from your cache who can tell you about .im domain names, so you then ask root-servers.net “Hey, where can I find the DNS servers for .im domain names?”

So, don’t worry, this is normal behaviour and not related to blabber.im specifically: https://securitytrails.com/blog/dns-root-servers

1 Like

Hi,

Thanks you, it makes sense that it´s just the root servers. When I dig a bit in my memory, I do remember about the root servers.

I´ve set up private DNS to 1dot1dot1dot1.cloudflare-dns.com, it doesn´t accept an IP address. So guess that this address has to be resolved by another DNS, but supposedly not that often?

So shouldn´t Blabber.im just go to 1.1.1.1 and resolve the addresses? Why does it need to go to the root servers?

Yes it tries to access DNS by itself, you can ignore those, don’t allow them, let Android resolve and pass the info.

Only allow your XMPP server address.