You are reading a single comment by @HilmarSt and its replies.
Click here to read the full conversation.
-
were you looking in the code for a gnss-aide.com address?
I've used a .dex to .java decompiler and did a full text search in the sources.
But now I think that SMA isn't so unexperienced to allow this:
If I were SMA and wanted to protect my credentials I would authenticate the watch via API, wait for the SMA server to download from gnss-aide.com and provide the AGPS data via API - I think, thats what you observed.
I'm not experienced enough to find the AGPS data in the protocol, so I give up.Maybe someone is able to solder 2 wires to the serial port of the GPS hardware in the Q3 watch and capture the AGPS data from there...
HilmarSt
Well that's irritating - I just tried here with an unflashed Q3 and despite setting up a proxy with a trusted certificate, the app doesn't trust it.
However when I try to update the AGPS it requests some API at SMA by the look of it, so I doubt it goes direct. Although we may be able to get the GPS data second-hand from SMA's servers.
@HilmarSt were you looking in the code for a gnss-aide.com address? What about if you try and look for some GPS-related API access?