Hello, I am having the same problem as Michael above.
Chris, Ive tried all your possible solutions, but none of them checkout. For your most promising suggestion to make sure the calls are happening/being logged at the same time, I created a simple apk to connect to a server and read back the index html code. First, I connected using the HttpClient, HttpGet, HttpResponse route. Using strace, I was able to log connect(), socket(), and recv() syscalls. Second, I tried connecting using sockets with Socket, a request message, and streams. I was also able to log connect(), socket(), and recv() syscalls. I ran the apk on the emulator (v2.3.3) for both. But these are strange results, because I also do not get connect() or socket() syscalls when stracing major apps like Facebook, Dropbox, or the phone's browser. Could this possibly be because they are using a different method of sending data (that isnt via HTTP req's or Sockets)? Have you heard of other "popular" ways of sending data? Thanks, Lorenzo On Aug 19, 1:34 pm, Chris Stratton <[email protected]> wrote: > On Friday, August 19, 2011 1:17:52 PM UTC-4, michael wrote:Hi, all, > >I did a lot of search about this, and still no clue about why I cannot > >find the system calls socket() and connect() in the log of strace of > >Android applications, like Dropbox trace below: > > Well, first, use the adb shell to strace something simple like ping or > netcat that you launch from the command line to convince yourself that it > works. Also, in something like the emulator where that is a root shell, > attach to the native web browser. > > Consider some possible reasons why you might not see network calls when > stracing a given app: > > - It hasn't actually used the network yet > > - The network access (or network-unique syscalls such as socket() or > connect() ) hasn't happened during the time you are tracing (you can cross > check with netstat -n or poke around in /proc looking at sockets and fd's > that are sockets, then see if strace showed any i/o operations on them) > > - The network access is being done by a background service running as a > separate process (should show up in 'ps' probably with the same uid as the > main process. > > - (unlikely) It was handed the file descriptor to an open/connected socket > by another process > > - (unlikely) It's taking active measures to be hard to analyze -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
