UPDATE: 3/11 10:30 AM
AYANEO has responded to both our email and the original GitHub post, sharing more information regarding the AYAWindow “Snapshot” folder. Both responses are the same and read as follows:
Hi! Thanks for looking into this and raising the concern – we appreciate privacy-conscious users.
About the screenshots:
1. DS has a dual-screen task manager feature that needs to render app thumbnails from the system. This is normal behavior.
2. However, there’s a bug – the cache isn’t being cleaned up, causing screenshots to accumulate.Our team has identified this issue and will push a fix soon.
About privacy:
1. These images are small and stored in the app sandbox, posing no security risk
2. AYA does NOT upload any of this data.
3. About the data traffic: Android calculates traffic by Linux UID. AYAWindow uses the system UID (android.uid.system), so all traffic from apps sharing this UID gets counted together. You can check other apps with the same UID (like “Phone” in Settings) – they’ll show similar traffic. This is actually total device usage, not just AYAWindow.
The GitHub reply actually goes a bit further, requesting help from the original commenter in order to try to identify what data is being sent, and from where. So while it seems that AYANEO isn’t actively spying on Pocket DS owners, it doesn’t quite fully explain why the AYAWindow app is reporting more than 12GB of data being transmitted (in the case of the original post).
We appreciate AYANEO responding in order to try and clear up any concerns, and we hope to see the bugfix released as soon as possible.
Another day, more potential controversy has arrived for AYANEO. However, this time around, it has nothing to do with pre-orders, shipping dates, or any of the other issues that we’ve covered and/or endured. As first noted by Mr. Sujano, AYANEO’s built-in AYAWindow app may not only be taking screenshots without your knowledge, but also sending those screenshots to servers somewhere.
According to the “issue” raised on Mr. Sujano’s GitHub sources, the attached image shows the folder location as data > data > com.ayaneo.gamewindow > cache > snapshot. The post provides the following additional information:
There’s over 1200 screenshots in there of me performing various actions/playing different games, and it updates in real time (for example: if I open an old screenshot, a screenshot of that screenshot becomes the newest screenshot) which I find really troubling.
In addition, the AYAWindow app has transmitted 12.5GB of data off of my devices since November 17th. I encourage everyone with a rooted Ayaneo device to go poking around in that directory and check how much data your AYAWindow app has transmitted.
After learning about this, I began rooting my various AYANEO handhelds in an effort to see if I could find the same folder. Here’s what I’ve found so far:
| Device | AYAWindow App Version | Snapshot Directory Present |
|---|---|---|
| AYANEO Pocket DS | v1.5.99 | โ |
| AYANEO Pocket DMG | v1.5.66 | โ |
| AYANEO Pocket ACE | v1.5.66 | โ |
| KONKR Pocket FIT | v1.5.84 | โ |
Admittedly, I can’t speak to the amount of data that was transferred, as I haven’t used my Pocket DS nearly as much as the original poster. However, after digging a bit deeper, I installed the PCAPdroid app so I could try to see whether the screenshots (or data in general) were being sent abroad.
It didn’t take long, but a few minutes after getting everything set up, I noticed the first domain that I didn’t recognize: android.bugly.qq.com. A quick Google search later, and this is described as being “Tencent’s Bugly service, a tool designed for Android developers to track app crashes, exceptions, and operational data.”
When opening the connection in the list to view more information, it does show that data is being transferred to servers abroad.
Even if you want to make the argument that it’s a common and (mostly) trusted application, there are a couple of questions that are still valid:
- Why is it present on the Pocket DS, but not handhelds?
- Is v1.5.99 a unique build specific to the Pocket DS, or will it eventually arrive for other AYANEO handhelds?
- If the purpose of capturing screenshots is to help with debugging and troubleshooting, where’s the disclaimer?
- Why is the folder being constantly updated with new screenshots?
- Where and who is the data being sent to?
I’ll be leaving the PDACdroid app installed and running on my Pocket DS, in order to see if anything else peculiar appears. In the meantime, we’re also reaching out to AYANEO for comment and continuing to investigate the situation until a conclusion is reached.
4 Comments
Man ayaneo never stops giving (and getting)
And now, someone who seems to be an AYANEO engineer has posted an explanation on the original thread, and it makes sense to me at least.
Being part of the AYANEO drama as a KPFElite backer, I feel strong frustration with this Chinese company, but I’m not going to be a conspiracy theorist about this matter
I got this thing at the early bird pricing of $200 and for that itโs worth every penny.
Sorry, ignore that, meant to post this in the Pocket Max review and somehow got redirected.