Noseyparker – 31 July

I completed the PII detection code in the TLS proxy handler today. During testing, I ran about 20 mobile applications to check on the PII logged - it was very surprising (and concerning) how much of my personal information apps sent and the number of different services! I found one app which sent my information to 8 different services, including advertising, analytics and performance services.

I started on a new base PII connection handler that will be inherited by the HTTP and HTTPS PII handlers. Unfortunately the current HTTP PII handler isn't aware if the connection uses SSL, and alerts are firing for HTTPS as well. However, the new base PII handler will contain alot of code that will be inherited - and make the HTTP and HTTPS PII handlers much simpler.