I've been a lurker here for some time.
I'm part of the minorty who don't have a dataplan but I do want the ability to send and receive mms messages.
For this reason I have mainly used MIUI-based roms in the past. I can, with other roms, (such as CM-based ones) manually turn on and off data to grab or send the messages but I'd like something more automated.
From what I gather there are a couple alternatives and neither seem ideal.
1.) use an app - I have seen references to APNandroid though I haven't tried it.
2.) use tasker or some scripting to automate turning on and off data only when mms is sent or received
Is there anything else that can be done?
Is MIUI's method just a hardcoded implementation of #2 above?
Thanks for looking.
kmem said:
I've been a lurker here for some time.
I'm part of the minorty who don't have a dataplan but I do want the ability to send and receive mms messages.
For this reason I have mainly used MIUI-based roms in the past. I can, with other roms, (such as CM-based ones) manually turn on and off data to grab or send the messages but I'd like something more automated.
From what I gather there are a couple alternatives and neither seem ideal.
1.) use an app - I have seen references to APNandroid though I haven't tried it.
2.) use tasker or some scripting to automate turning on and off data only when mms is sent or received
Is there anything else that can be done?
Is MIUI's method just a hardcoded implementation of #2 above?
Thanks for looking.
Click to expand...
Click to collapse
I've used the app droidwall
https://play.google.com/store/apps/details?id=com.googlecode.droidwall.free
,,, to which i can allow 3g / and/or / wifi to apps off my choice,,,
,,, that way i can just leave 3g on for the most part
Sent from my swagger
Hi guys, I'm looking for a way to block internet access for individual apps on my Home & Work wifi networks only, but not on other wifi networks and 3G...
I'm on 4.4.2 KK and usuing AppOps + Android fiewall, but non of these apps do what I need... Android fiewall for example allows blocking app from Wifi and no matter where...
if you know some app that allows this kind of thing, please let me know,
THANKS
I think you might have to use a combo. Something like this:
https://play.google.com/store/apps/details?id=com.googlecode.droidwall.free
+
https://play.google.com/store/apps/details?id=net.dinglisch.android.taskerm
+
https://play.google.com/store/apps/details?id=com.intangibleobject.securesettings.plugin
I believe there are some newer Tasker type apps that are free, but dunno about something like the Secure Settings plug-in. Now, I've never set anything up like this, so am only providing this as one possible method that I have not tested.
Ok thanks, I'll check Tasker, my friends recommended about this one long time ago...
about the way DroidWall is fine, but I'm using Android firewall which is based on DroidWall but is better...
10X
Xposed app firewall.
This app is an firewall for the installed apps. Only apps with permission "android.permission.INTERNET" are
shown. IPv4 and IPv6 are supported together with TCP and UDP. You could configure outgoing and incomming
connections independent from each other.
The rules could be applied for each network: W-Lan, local network, mobile, roaming, unknown.
Logging is configurable for incomming/outgoing and allowed/denied connections.
Colors:
Blue: Template is used.
Yellow: Custom settings.
Green: The app is trusted.
Red: The app is blocked.
Features:
No iptables required, the kernel doesn't need to support it.
The firewall is active when Android starts, no startup data leak.
The rules are always active, no re-apply on connection change is needed.
Limitiation:
Host names in the log file are PTR entries.
Works only for Android (Java), not the native (Linux) part
Donation:
No self-promotion in the app.
You could trust or block an app (Menu/ActionBar)
You could use a template for not configured apps
Additional (experimental) networks: Bluetooth, WiMAX, Ethernet
Tasker support, per App
You support this app and further development!
Permissions:
ACCESS_SUPERUSER: apply iptables rules
This app does not connect itself to any websites or hosts!
Important:
This app needs the Xposed Framework. The framework requires root access for installation. Don't forget to enable the module in Xposed. You can grab it here: Xposed Installer
Website: http://tinyurl.com/l5bpv23
Play Store: http://tinyurl.com/ome2pvc
Xposed Repository: http://tinyurl.com/ksc6plz
Changelog: http://tinyurl.com/n8gsqja
Why this app? No firewall for Xposed exists yet
Translation:
You could find here a interface to translate the english strings: http://tinyurl.com/okycacj
A free account of www.oneskyapp.com is required to edit. Additional, please attach your email address or send it via PM
Insane.. I was looking for something like this about 12 hours ago.. its almost like you read my mind and made it just for me!.
I like your style. Nice and simple and keeping it in line with your others.
Sent from my GT-I9300 using Tapatalk
Downloading now.
Sent from my SCH-I535 using XDA Premium 4 mobile app
shivadow said:
Insane.. I was looking for something like this about 12 hours ago.. its almost like you read my mind and made it just for me!.
I like your style. Nice and simple and keeping it in line with your others.
Sent from my GT-I9300 using Tapatalk
Click to expand...
Click to collapse
Maybe you head me thinking loud 6 weeks after starting this app: "i will release today, if there are still error, i'll fix them later"
Am I correct in assuming this is not open source?
I got a question about incoming/outgoing connections, maybe somone else want to know:
Incoming connections are used by less than 1% of all apps. This is used if the app is a "server", like BubbleUPnP. So most time incoming conections could be blocked, i think for mobile network 100%.
An outgoing connection is like a phone call: You call someone (outgoing connection), and can talk (send "data") and hear (receive "data")
Wifi Internet and Network:
If you want to control eg your local tv-receiver, xbmc device or avm router (with FreetzMobil), only connections to the local network are required. This prevents app to send data to the internet.
The "local network" are all "private" IPv4 and IPv6, they will not be forwarded by internet routers. Additionally, if you use "public" IPs they are local if it is in the same subnet as a ip of your device. Uncommon for IPv4 usage, but public IPv6 are the common usage (public IPv6 for every device)
an0n981 said:
Am I correct in assuming this is not open source?
Click to expand...
Click to collapse
As usual i send source only to people i know
I took this mod for a quick test drive, a little feedback:
-Is it not possible to restrict kernel?
-Could it be that apps that use native libraries to connect to the internet cannot be restricted? Firefox and Mega (both use native libraries) were able to connect even when completely restricted.
Also a little cosmetic issue com.android.process.gapps showed completely green at all times. However restrictions were applied properly
an0n981 said:
I took this mod for a quick test drive, a little feedback:
-Is it not possible to restrict kernel?
-Could it be that apps that use native libraries to connect to the internet cannot be restricted? Firefox and Mega (both use native libraries) were able to connect even when completely restricted.
Also a little cosmetic issue com.android.process.gapps showed completely green at all times. However restrictions were applied properly
Click to expand...
Click to collapse
Yes, see OP: "Limitiation: ... no native binaries." This is because the design of Xposed
Isn't it "com.google.process.gapps"? Onyl this one app has the wrong colors? Has it a green dot for "trusted app"? What did you configured for it?
Yes I meant com.google....
I set it from template to custom, blocked everything, however in the app overview it still showed as all green. When it was restricted GCM was blocked and the log showed blocked connections to mtalk.google.com:5228. Then I unrestricted outgoing mobile and wifi and GCM was available and the log correctly showed allowed connections but the colors in the app overview didn't change
Version 1.0.1 uploaded
- fix "incoming" thx @w0rinal
- also an error related to coloring, @an0n981 can you check if it fixes your problem? Toggling options could be required
defim said:
- also an error related to coloring, @an0n981 can you check if it fixes your problem? Toggling options could be required
Click to expand...
Click to collapse
Sorry the bug is still present
Also 1 more questions. Do you see any problem running this along side AFWall?
The bug affects any app that starts end ends with <>. <android.media> and <org.mozilla.firefox.sharedid> also always revert back to displaying completely green once the app is reloaded
an0n981 said:
Also 1 more questions. Do you see any problem running this along side AFWall?
Click to expand...
Click to collapse
No, should work without problems. The one created iptables rules other hooks the connection methods - if one fails, the other does it
an0n981 said:
The bug affects any app that starts end ends with <>. <android.media> and <org.mozilla.firefox.sharedid> also always revert back to displaying completely green once the app is reloaded
Click to expand...
Click to collapse
The "<>" entries are not real apps (.apks) with a package name, they are uids. At app start i load all installed apps with internet-permission and hide apps which are no more installed / have not any longer the permissions -> the uid items are not in the list of installed apps (obviously)
Will be fixed in next release
EDIT: Uploaded
This is awesome ?
A few questions:
- is there a way to edit template? I couldn't find it anywhere in settings- am I missing something?
- Can you add multiple selection? For example, someone has lots of apps and wants to block roaming to them etc. etc. without having to change it manually for each app.
- filtering or sorting apps? perhaps something simple like the way afwall , or a more thorough filter like XPrivacy has?
Sent from my Nexus 5 using Tapatalk
defim said:
The "<>" entries are not real apps (.apks) with a package name, they are uids. At app start i load all installed apps with internet-permission and hide apps which are no more installed / have not any longer the permissions -> the uid items are not in the list of installed apps (obviously)
Will be fixed in next release
EDIT: Uploaded
Click to expand...
Click to collapse
Confirmed fixed
jaibar said:
This is awesome ?
A few questions:
- is there a way to edit template? I couldn't find it anywhere in settings- am I missing something?
- Can you add multiple selection? For example, someone has lots of apps and wants to block roaming to them etc. etc. without having to change it manually for each app.
- filtering or sorting apps? perhaps something simple like the way afwall , or a more thorough filter like XPrivacy has?
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
The template is used for all "blue" apps, which where are not configured by user. Modifying template is part of the donator options (see OP).
Btw, next planned feature: detection of VPN connections
defim said:
The template is used for all "blue" apps, which where are not configured by user. Modifying template is part of the donator options (see OP).
Btw, next planned feature: detection of VPN connections
Click to expand...
Click to collapse
Nice feature !
I dry tested this app (i.e. not checked in the Xposed module on my device) and already saw that the VPN was missing. Now I use AFWall+ which is good and has more profiles. I block all Google apps with it with a 'limited internet' profile and every time I download something from Play, I load another profile which allows 'Google Play services' and 'Google Play store' internet connection and after download/update I revert to 'Limited internet'.
On my Mac I have 'Little Snitch' firewall which has the ability to let it prompt for certain apps which I don't want to be connected permanently (such as the Mac App Store), but only when I do e.g. an OSX update. In that case I let it prompt and say 'only this time'.
A similar approach on LightingWall should be very welcome. E.g. a notification that the Play store wants to connect with internet and when one wants to download / update an app, say 'only this time' and not permanently.
mermaidkiller said:
Nice feature !
I dry tested this app (i.e. not checked in the Xposed module on my device) and already saw that the VPN was missing. Now I use AFWall+ which is good and has more profiles. I block all Google apps with it with a 'limited internet' profile and every time I download something from Play, I load another profile which allows 'Google Play services' and 'Google Play store' internet connection and after download/update I revert to 'Limited internet'.
On my Mac I have 'Little Snitch' firewall which has the ability to let it prompt for certain apps which I don't want to be connected permanently (such as the Mac App Store), but only when I do e.g. an OSX update. In that case I let it prompt and say 'only this time'.
A similar approach on LightingWall should be very welcome. E.g. a notification that the Play store wants to connect with internet and when one wants to download / update an app, say 'only this time' and not permanently.
Click to expand...
Click to collapse
Xprivacy implements a similar thing, allowing the user to be informed when one of the restrictions are asking for access of that permission, including internet permissions(no distiction between lan or vpn), i would also welcome an on demand prompt feature for this app, its one faeture i wished afwall had, but believe it cant because of the nature of iptables i believe,
Saying that im also kinda worried that this might conflict, two apps essentially fighting for control to "pause" the system, hope im wrong, maybe if the two devs of the two respective apps co-orporated in implementation,it might be resolved, if there is an issue, i dont know........... but im getting ahead of myself here, defim has not even stated that he'll implement this, still, no harm in discussing possibilities, slim or not
@banderos101 @mermaidkillerIf you want to be informed if an app is allowed or denied to access some hosts, you could get it with Tasker. Just with a simple message box or more enhanced things Tasker can do. It should not be a problem using this app wiht Xprivacy, AFwal etc. If you block a connection with one app, it could be that the others can't see/log it. This depends on the order of the apps, An iptables firewall should be the last the connection is passing.
A per host filter is not planned, if you want to stop connection to some (tracking, malwar, adware) hosts a hosts file filter could be used, like my UnbelovedHosts
defim said:
As usual i send source only to people i know
Click to expand...
Click to collapse
Too big a risk to take for security software like this. Post your work up on Github under a reasonable license.
I'm not seeing a big advantage over the GPL AFWall+ anyway.
hello guys i would like to know if it is possible to access the U.S playstore in the middle east on my s2 i9100, and whether it would work on other Android devices as well
i have used some VPN apps, but they just dont work for me it wont connect to the U.S servers.
is there anyone who can help me with this ,thanks in advance
Sounds like your carrier is blocking the VPN's, and if that is indeed the case, you're probably boned unless you find one which isn't blocked. Have you tried (A VPN) with a regular internet connection over WiFi (rather than over mobile data) to see if you can get around it that way ?
Have you tried US proxies ? (If you haven't, Google). From memory there are a number of apps which will 'proxify' any app that uses the internet (this can bit a bit hit or miss so far as whether an app will actually work this way or not though, like Orbot mentioned below). Also, keep trying VPN's; there are literally dozens (at least), if you want access to US GP badly enough, you'll try as many VPN's as you need to in order to achieve it. I know trying 5, 6, however many you've tried is a lot (and normally it would be), but you may have to try a lot more than that given your circumstances.
You could also try Tor; Orbot specifically - I have no idea whether GP will work specifically through Orbot in this way as I've never tried it (I do use it regularly on my phone for a bunch of other stuff though), theoretically it should though; any app that accesses the internet should be able to be made to route through Orbot/Tor; doesn't always work that way/easily though.
You'll need to manually configure Orbot to use a US exit node (which is relatively easy enough to do, Google for how to do this).
So...You can probably achieve this, but it depends on how motivated you are to do it. I understand a number of Middle Eastern countries impose all kinds of restrictions on the internet/telecoms, so based on what you've said, you're obviously going to have to work your way around them.
Edit - This page has instructions on how to configure Orbot to use exit nodes in a specific country only. Fairly simple. Again, whether it works or not, no idea as I've not tried it, but looks pretty straightforward.
Hi everyone! This is my first post, but I have used the search tool already without success. I am just a user, not developer and quite noob regarding mobiles and security.
Situation
1. I've got hacked, total control (photos, emails, camera, contacts, whatsapp, screen etc) of my unrooted android phone (xiaomi redmi note 7).
It was a targetted attack, no manual app installed, no unsafe 3rd party apps allowed. Attackers only had my gmail account (linked to android) and telephone number. I know them personally, and they leaked personal information to people at work (who enjoy it between them but won't help me at all).
No high consumption of battery/data. Just leeching information, launching some apps eventually, and few interactions with the screen minimizing etc.
2. I Installed antimalware (e.g malwarebytes), antivirus (avg, esset etc). No positive results. I also installed "Noroot firewall" to control programs accessing internet, nothing strange.
3. I've changed emails(new), SIM + Telephone. Got hacked again. I suspect my own wifi was compromised.
Additionally, added 2 step verification to emails, changed passwords, encrypted the device etc. I have found no IP from them in the emails log, nor alert from gmail. Only once a session from Linux device (not mine). I believe they have accessed through the device.
4. I want to restore the device somehow and avoid getting hacked again.
One of the problems I face is taht that now I'm not in the same circle of people from which I gathered most of the info on the leaked information, so I can't get to know if the actions I am taking got rid of the hack, besides some punctual actions they may do (launch app etc). So I have to act quite paranoid and do the most secure action.
Question
1. Any idea on how they managed to do that? how can I prevent it or prove it? a reset would get rid of any proof, but I kinda prefer it if it is once and for all.
2. A hard reset only formats one partition (user data), so if there is a trojan located in /system it would be pointless. With an unrooted device I can only get rid of /cache and /data.
Should I install another ROM?(my phone has always been unrooted) which one? (restoring the stack ROM would probably be pointless if the vulnerability is due to android...
3. Is there any other measure I could take?
I'd appreciate any help.
Thank you!