Rivian app calls analysis ?

[jemkewl]

Has anyone done an analysis on what the Rivian app calls?

Looks like upon launch of the Rivian app the following domains are called:
graph.facebook.com
rivian.com
app-measurement.com
events.mapbox.com

Just curious with the recent api threads if anyone has traced in detail what the app or the car may be calling...

Sponsored

 

[elektrode]

Why the f**k would it call Facebook?!

 

[EVnewb]

Why the f**k would it call Facebook?!

My truck has more friends than I do ?

 

[Zoidz]

Why the f**k would it call Facebook?!

Yeah, here's why, but why?

It would be fun to get the access token and find out what user id they are using, but it's https: encrypted.

"The Graph API is the primary way for apps to read and write to the Facebook social graph. All of our SDKs and products interact with the Graph API in some way, and our other APIs are extensions of the Graph API, so understanding how the Graph API works is crucial."

 

[Dark-Fx]

Has anyone done an analysis on what the Rivian app calls?

Looks like upon launch of the Rivian app the following domains are called:
graph.facebook.com
rivian.com
app-measurement.com
events.mapbox.com

Just curious with the recent api threads if anyone has traced in detail what the app or the car may be calling...

Easier to get the information out of the app by decompiling it. The truck, there's not really a chance of getting that info out since the communications are encrypted and use certificate verification.

 

[jemkewl]

Easier to get the information out of the app by decompiling it. The truck, there's not really a chance of getting that info out since the communications are encrypted and use certificate verification.

I haven't looked, is it encrypted via standard https transit or encrypted before sent?
With a simple transparent proxy / ssl bumping, the https route could provide visibility...

 

[Tucker74]

Yeah, here's why, but why?

It would be fun to get the access token and find out what user id they are using, but I assume this is encrypted.

The Graph API is the primary way for apps to read and write to the Facebook social graph. All of our SDKs and products interact with the Graph API in some way, and our other APIs are extensions of the Graph API, so understanding how the Graph API works is crucial.

Likely the app is using the GraphQL framework, very common for mobile app development. As to “why”, gotta be able to hire folks to develop the app and the majority of them right now are using NodeJS/React with GraphQL ¯\_(ツ)_/¯

 

[jemkewl]

Doesn't look like DoH or DoT is used by the truck -
Just looking at the domains queried by the truck:
ruploader-prod-tcm-logs.s3.amazonaws.com
ruploader-asset.rivianservices.com
device.ota.goriv.co

There may be more, but those queries are nearly by the minute between 4am and 9am and I would need to try an analysis on something other than a phone.

This could explain vampire drain though if while my truck is sleeping it is constantly communicating out (which appears to be the case).

 

[Zoidz]

Likely the app is using the GraphQL framework, very common for mobile app development. As to “why”, gotta be able to hire folks to develop the app and the majority of them right now are using NodeJS/React with GraphQL ¯\_(ツ)_/¯

Yeah, but GraphQL is an open language. It's not required to access FB to use GraphQL. I suppose it is possible Rivian is using FB as a service to host a private GraphQL database.... ?

 

[johstacy]

has anyone checked to see where the truck is communicating when it is connected to your home network? I haven't done this (lazy) however you may also want to look at the traffic that is happening over Bluetooth. I happened to do a Bluetooth discovery with the truck near by the other day and it came up as 4 separate devices... might be worth getting Wireshark in front of this thing or if anyone has some advanced firewall logging.

Sponsored