XTRA is a PSDS implementation, meaning it downloads static files providing predicted satellite locations and geographical data to assist with obtaining a faster GPS lock. It is not SUPL or IZat. Broadcom GPS relies on the AOSP PSDS implementation but Qualcomm uses their own.
Qualcomm originally hosted the databases at izatcloud.net which confused people by making it seem as if IZat is being used when it isn't. IZat is their default disabled network-based location service as an alternative to Google's service. Most devices don't support it.
The newer default URLs for the database downloads use xtracloud.net subdomains along with time.xtracloud.net / nts.xtracloud.net for NTP / NTS. NTS (authenticated NTP) is disabled by default which doesn't particularly matter since it's not to set system time.
NitroKey is correct that xtra-daemon has support for sending information on the device including device model, serial number, etc. They're also correct that the user is never asked about it. It's less of an issue than SUPL which sends nearby cell towers, phone number and IMSI.
Fairphone is an insecure device with substantially delayed privacy and security patches. It receives the Android Security Bulletin patches consistently 1 to 2 months late and receives the recommended patches years late. It has a broken, insecure verified boot implementation. They have also misled their users about support by claiming their devices will get 6 years of support when they can only provide 2-3 years of security patches. That is not a privacy first device at all.
Add comment