[ About The ICSI Haystack Project ]
Your phone hosts a rich array of information about you and your activities. This includes a range of identifiers, location data and even your contacts list. Often time, apps collect such privacy-sensitive information and share it with third parties such as ad networks and analytics services without your consent for advertising and tracking purposes.
The Haystack Project is an academic initiative led by independent academic researchers at ICSI--UC Berkeley and IMDEA Networks in collaboration with UMass and Stony Brook University. At the core of the project is the Lumen app, an Android app that analyzes your mobile traffic and helps you to identify privacy leakes inflicted by your apps and the organizations collecting this information.
Keep control of your data
Lumen identifies apps leaking your privacy-sensitive data over the network so that you stay in control of your network fingerprint.
Find Online Trackers
Lumen reports the third party organizations collecting your personal information.
Lumen supports TLS interception so you can identify apps leaking privacy-sensitive information over encrypted traffic in real-time.
[ Lumen features ]
Easy to Use
Finding out how your apps behave in the networks and how they extract or leak your personal information is as simple as clicking the start button and letting Lumen run! For security purposes, Android will inform you that your traffic will be intercepted, asking you for permission to continue. You may need to also install an additional TLS certificate to enable intercepting TLS traffic. If you miss it during installation time, don't worry! You can re-install it any time from the app settings. We strongly recommend reading in its entirety the tutorial shown the first time you run the app.
Learn About Your Mobile Apps
Most likely, very soon after turning on Lumen you will quickly learn interesting facts about the apps that you run on your phone. You can use Lumen to understand where your apps connect to, which data they share with third parties and even how much traffic they waste for advertising and tracking purposes so you can decide whether to uninstall those that strike you as too intrusive. Not all devices provide the features required by Lumen to operate. If after a few minutes you observe that Lumen does not identify any privacy leaks, read our FAQ and feel free to get in touch with us.
Apps may sometimes leak information to not only their own servers but also to online advertising networks or other online tracking services that monetize your metadata. Lumen aims to help you to understand many dynamics that may remain unknown for you! Lumen analyzes your mobile traffic and generates reports about the traffic patterns and the private data collected by each application and online service.
Illuminating App Behavior
Nearly 70% of Android apps leak personal data to third-party services such as analytics services and ad networks. The data provided by Lumen users is used to promote app and service transparency. For instance, you can play with our interactive ICSI panopticon tool to better understand the whole mobile ecosystem and how apps use third-party online trackers. You can also contribute to our research efforts by installing and running our Lumen app!