So on most public/free wifi hotspots nowadays, there is some kinda of HTTP auth page that comes up when you try to visit a website. Personally, I find that VERY annoying. I would like to know if there is an app of any kind that would allow automatic bypass of these auth pages, and/or remember login processes for them. I understand preprogrammed auth methods would be difficult, think of every single hotspot or hotspot provider. Maybe one that just remembers the auth process (isn't mainly just simple get/post commands, nothing special?) would be more likely to find. If you know of one, please share it! Thank you!
EDIT: Mod, I forgot to add the question prefix to the title, could you do that for me?
a_p3rson said:
So on most public/free wifi hotspots nowadays, there is some kinda of HTTP auth page that comes up when you try to visit a website. Personally, I find that VERY annoying. I would like to know if there is an app of any kind that would allow automatic bypass of these auth pages, and/or remember login processes for them. I understand preprogrammed auth methods would be difficult, think of every single hotspot or hotspot provider. Maybe one that just remembers the auth process (isn't mainly just simple get/post commands, nothing special?) would be more likely to find. If you know of one, please share it! Thank you!
Click to expand...
Click to collapse
There is an app on google play, https://play.google.com/store/apps/details?id=co.uk.syslynx.wifiwebloginapp . It's a paid app, but it works excellent.
If you want to learn, you may look for another similar open source app, https://play.google.com/store/apps/details?id=org.bobarctor.Rm3Wifi , the problem is that this app is only for a university, not for every auth page, but the source is here: http://code.google.com/p/rm3wifiauthentication/ , so it's possible to use it as the base of another similar app
Has anyone tried "WIFI AUTO-LOGON" ?
Related
After the recent article on apps that are sharing our personal information, it occurred to me that this should be an easy problem to fix. All we need is a good personal firewall app. Heck, iptables would be a great start, but it can be hard to implement that on an app by app basis. It will be hard to set up for apps that have legitimate needs to connect over port 80 for legitimate needs, but also uses that same port for less than legitimate needs. So I guess it will also take some blacklisting of certain servers, perhaps along the lines of the ad blockers apps that modify the hosts file.
Or does such an app already exist?
Skip
Here you go:
http://www.appbrain.com/app/droidwall-android-firewall/com.googlecode.droidwall.free
MrGibbage said:
After the recent article on apps that are sharing our personal information, it occurred to me that this should be an easy problem to fix. All we need is a good personal firewall app. Heck, iptables would be a great start, but it can be hard to implement that on an app by app basis. It will be hard to set up for apps that have legitimate needs to connect over port 80 for legitimate needs, but also uses that same port for less than legitimate needs. So I guess it will also take some blacklisting of certain servers, perhaps along the lines of the ad blockers apps that modify the hosts file.
Or does such an app already exist?
Skip
Click to expand...
Click to collapse
1. There's already a couple adblock apps like Adfree which block a lot of stuff.
2. If you read the permissions for the apps you CHOOSE to download, then you'll know exactly what access to data they'll have. If you don't like that PaperToss wants access to your device ID, then just don't install PaperToss.
And of course, such an app would undoubtedly cause more issues than the perception of "security" it would provide, since you'd probably not be able to use half the apps anymore. Or they'd stop being ad-supported, and would begin to charge instead.
From the article:
Google requires Android apps to notify users, before they download the app, of the data sources the app intends to access. Possible sources include the phone's camera, memory, contact list, and more than 100 others. If users don't like what a particular app wants to access, they can choose not to install the app, Google says.
Click to expand...
Click to collapse
Just read the app permissions. That tells you almost everything you need to know.
The problem is, the app permissions don't tell you what you need to know. Here are the permissions for Paper Toss by Backflip Studios:
Your Location (coarse network-based location)
Network communication-full internet access
Phone Calls - read phone state
While the Location permission would be suspect, and would cause me to question whether or not I should download this app, the other two permissions are not so immediately obvious that they are "bad". Network communications is a permission needed by every app that has in-game ads such as AdMob. And I don't know why this app needs the Phone Calls permission, but almost every single app in the market uses that permission. At least it isn't asking for access to the address book or anything like that.
What I would like is for the app to tell us what it needs internet access for, and to tell us what information it is sending to third parties.
MrGibbage said:
The problem is, the app permissions don't tell you what you need to know. Here are the permissions for Paper Toss by Backflip Studios:
Your Location (coarse network-based location)
Network communication-full internet access
Phone Calls - read phone state
While the Location permission would be suspect, and would cause me to question whether or not I should download this app, the other two permissions are not so immediately obvious that they are "bad". Network communications is a permission needed by every app that has in-game ads such as AdMob. And I don't know why this app needs the Phone Calls permission, but almost every single app in the market uses that permission. At least it isn't asking for access to the address book or anything like that.
What I would like is for the app to tell us what it needs internet access for, and to tell us what information it is sending to third parties.
Click to expand...
Click to collapse
Maybe to detect a phone call and pause the game.
Sent from my SGH-T959 using XDA App
MrGibbage said:
The problem is, the app permissions don't tell you what you need to know. Here are the permissions for Paper Toss by Backflip Studios:
Your Location (coarse network-based location)
Network communication-full internet access
Phone Calls - read phone state
While the Location permission would be suspect, and would cause me to question whether or not I should download this app, the other two permissions are not so immediately obvious that they are "bad". Network communications is a permission needed by every app that has in-game ads such as AdMob. And I don't know why this app needs the Phone Calls permission, but almost every single app in the market uses that permission. At least it isn't asking for access to the address book or anything like that.
What I would like is for the app to tell us what it needs internet access for, and to tell us what information it is sending to third parties.
Click to expand...
Click to collapse
All free apps will collect some information .... so they know what ads to aim your way ..... so they can make money ... Every one does this .... on your computer its the same as your cookies .... and only the really paranoid will set their browser cookies settings to "ultimate :block all cookies "...
Here's the difference, android openness will allow others to research and publish their findings, un like others that are closed and will not allow research, and if anyway is found to get the research. done the publication will be deleted from the web ......
The openness is why you see soooooo many articles on this issue over n over, none of them mentioning that the paid versions of these apps don't collect any thing .....
How much personal information are you planning on storing in the paper toss game?
Consider this in your answer, android system runs apps in sand box mode meaning, one app cannot access another without YOUR permission, or if an app is infected with malware, that malware will only operate in that app, unlike your windows machine where it would have a free for all .....
ferhanmm said:
Maybe to detect a phone call and pause the game.
Sent from my SGH-T959 using XDA App
Click to expand...
Click to collapse
That's my point. That would be a legitimate need for access to the phone state. However, granting that permission also gives the app permission to make phone phone calls. I still think the apps need to be more specific about the permissions they need.
The bottom line is, these phones are great, they can run all kinds of awesome software, but the people writing the software need to make a living too. If someone really wants to prevent their phone from sending out personal information, then they should not install any software, and maybe shouldn't even be using the phone at all. But I still see a need for a firewall app (possibly DroidWall, as mentioned above) to help us prevent this type of thing from happening.
A permissions firewall would be much more interesting and useful in my opinion.
Being able to block a certain thing like "read contact data" for all apps and only permit access with a white list would be very useful to me.
Have any of you app developers faced this situation: You have an app that needs to download data from the Internet, but don't want to add the Internet permission to your application, because it may deter some users from installing the app. Moreover, the data may be large and may need to be saved to the SD card, which requires yet another permission. You also need to ensure that a network is available currently, which means more permissions (WiFi state, etc).
Here's my proposed solution: A URL fetch service
This will be a simple app which accepts URL fetch requests from other applications and fetches them (HTTP GET) from the internet as a background service. Upon completion, the data can be returned to the application as a byte stream.
Since this is based on a callback, the network need not be currently available. The service will (optionally) queue the request and fetch whenever a network is available.
Another useful feature would be avoiding duplicate requests. For example, an app may want to fetch some data periodically, say every two hours. But if the network is not available for two days, then only one request should be made when the network becomes available, not 50! This could be done by letting the app assign a unique id to the request. Requests that have the same id will over-write other requests from the same app with the same id.
Logging and Filtering
From the user point of view, there is tremendous advantage in having a centralized URL Fetcher, because she will be able to Log the requests that go through it, and also filter some requests. For example, she could filter an app that she doesn't want to be updated (for whatever reason).
Distribution:
The app will be open-source and made available on all App markets and also as a direct APK download.
The only hurdle to this idea that I can see is that the app will have to be installed separately by the user. The problem will be reduced over time as more and more apps use this service. So the chances of the app being already present will increase. Also, custom ROMs might pre-package this app, so it will be present by default.
__________________________________
Your thoughts?
Update:
I have begun coding this up. You can follow / contribute here:
https://github.com/hrj/SafeNet/
Questions or Problems Should Not Be Posted in the Development Forum
Please Post in the Correct Forums
Moving to Q&A
For an app like that, you are not going to be able to not allow the internet permission. It needs it to fetch the URL (from the internet) so it has to use it... Unless you have a huge database of all URL's stored on your sd card .
Theonew said:
For an app like that, you are not going to be able to not allow the internet permission. It needs it to fetch the URL (from the internet) so it has to use it
Click to expand...
Click to collapse
Yes indeed. The fetch service app will have the Internet permission, and the read/write to SD card permission. The idea is to reduce the number of entities that the user has to trust.
And since the service app will be open-source, the user can compile her own version and install it. In that case, she doesn't even have to trust anyone else.
I have put up a tentative project and have some working code already in my local repository. If you would like to follow the progress or would like to contribute, here's the GitHub link:
https://github.com/hrj/SafeNet/
cheers!
h_r_j said:
the user can compile her own version and install it. In that case, she doesn't even have to trust anyone else.
Click to expand...
Click to collapse
Great. One thing... all the users of your app aren't only female...
Theonew said:
Great. One thing... all the users of your app aren't only female...
Click to expand...
Click to collapse
I guess you are right.. I didn't check thoroughly
But seriously, he / she / it doesn't really matter. I don't like typing "he or she" in every sentence. So, I just pick between those words randomly.
h_r_j said:
I guess you are right.. I didn't check thoroughly
But seriously, he / she / it doesn't really matter. I don't like typing "he or she" in every sentence. So, I just pick between those words randomly.
Click to expand...
Click to collapse
Just put "they" .
Hi all,
I am moving into a shared accommodation soon and will be sharing a wifi network with a few other people and whilst I hope I can eventually trust them I would prefer to keep possible access to my account and password details at a minimum to begin with. I have tried a forum and google search but information seems to be focused around not using sensitive data on public wifi networks.
What I need to know is how can I block someone on my wifi network from snooping on my accounts and internet browsing whilst using the samsung galaxy s2. I'm sure some of this also crosses over with normal pc/mac safe practice and I'm sure there are many people/students that would find this information very useful. Thank you in advance and by the way I am rooted.
Anyone?
Sent from my GT-I9100 using xda app-developers app
Is incognito browsing using the android chrome browser enough?
How about a proxy server?
Solved, I think the TOR (Orbot) app seems like a good way to go.
theinstagator said:
What I need to know is how can I block someone on my wifi network from snooping on my accounts and internet browsing whilst using the samsung galaxy s2. I'm sure some of this also crosses over with normal pc/mac safe practice and I'm sure there are many people/students that would find this information very useful. Thank you in advance and by the way I am rooted.
Click to expand...
Click to collapse
You should consider different kinds of traffic:
1- Unsecure unimportant traffic. I don't care if someone else snoop the web pages I'm reading from accuweather or XDA.
2- Secured traffic. Anything HTTPS is safe. People could figure out you're accessing your bank's site, but can't know what you're doing there.
3- Unsecured important traffic. If you send login or other personal information without using encryption (https), that's problematic. A secure proxy / VPN can help here. There shouldn't be much in that category though.
4- Bad traffic. If you want to google how to kill kittens and sell organs, use Tor whether or not you're on shared wifi.
Tor's always good, and the more people use it the better it gets, but it's slow. You might not want to use it all the time.
androidpicks said:
You should consider different kinds of traffic:
1- Unsecure unimportant traffic. I don't care if someone else snoop the web pages I'm reading from accuweather or XDA.
2- Secured traffic. Anything HTTPS is safe. People could figure out you're accessing your bank's site, but can't know what you're doing there.
3- Unsecured important traffic. If you send login or other personal information without using encryption (https), that's problematic. A secure proxy / VPN can help here. There shouldn't be much in that category though.
4- Bad traffic. If you want to google how to kill kittens and sell organs, use Tor whether or not you're on shared wifi.
Tor's always good, and the more people use it the better it gets, but it's slow. You might not want to use it all the time.
Click to expand...
Click to collapse
Thanks for your reply, I had given up hope that anyone would reply to this. Would TOR also encrypt app traffic as well? For example I have read about an app for android that you can get/compile that would allow you access to someones facebook account if they were on the same wifi network.
In reference to your point 2 about secured traffic, I'm curious about about what dangers there are that we are warned about when using public wifi if important HTTPS sites traffic is encrypted?
Even if the webpage is secured by AES-256 bit key and you're browsing it on unsecured network, you're still vulnerable to attacks.
my problem is that i have a non rooted phone with vpn always on and im searching for an app to activating ad block on it.
My fix for it would be to use an android wide proxy or a custom dns that overrides vpn dns.
as title said an root app or an app that provides vpn solution wouldnt be what im searching for. I had once an adblock app that routes traffic trough local proxy beside the vpn but cant find it anymore
Update: i found AdHell but its only for Samsung Devices with knox. Any other solutions?
HeathenMan said:
Update: i found AdHell but its only for Samsung Devices with knox. Any other solutions?
Click to expand...
Click to collapse
any news on this one?
I wanna use protonVPN and adblcoker at same time
a bit of elbow grease to protect self from Privacy Raping
Some [open]vpn clients allow vpn side connection to Socks5. Some even allow toggle of LAN access from device. I am not claiming a finish product exists but perhaps this gives you some joy.
Perhaps your socks5 instance runs in Amazon AWS free tier. Maybe it runs locally on your android handset. Perhaps you run Privoxy itself on android. [@mod: privoxy is F/OSS older than this forum]. There are a few privoxy projects for android on github. Perhaps you pick their brain. It was that against which proxomitron competed [also F/OSS. Thank God for Scott Lemmon].
Using things in differing order you might search the article to which I may not link: Privoxy on Android (with EC2 VPN)
I wanted to bring the Amazon EC2-based Privoxy service to it, by way of a VPN.
Click to expand...
Click to collapse
There was no obvious way to contact the author who hasn't posted since 2016.
There is an OpenVPN service you can likely find the name of yourself offering *recently* an adblock toggle and AntiTracker toggle with a hardcode mode to protect you from predators like google and Fbook. It shouldn't be long before others emulate this functionality. It sports the vpn side socks5 option.
Or privoxy tunnel to remote [cloud (openvpn)]. See? Fun with permutations. Maybe from phone with ShadowSocks to cloud to vpn to web. "OpenVPN over shadowsocks". At this point look into sites helping Chinese dissidents.
You definitely then return here with your improvements to share.
The remaining question is how much is your time worth? Not much? Then search the web ad naseum for the 'ideal free' solution. Elsewise pony up some pennies for some cloud time as part of a solution.
Same question here !
And it seems that adhell is now only available for entreprise use
Wasn't AdGuard doing that?
yes you are right. it works with setting a private dns in the system settings with dns.adguard.com - no batterydrain - no more ads - no vpn - no root
I have a custom CRM. I need to know client name, when he call to android devices. I find for easy way to get synchronization. I can customize server side, but cant build own android app for that. I need ready Android app. I believe that my need is widespread enough for such a program to exist. I look closely for Google Contacts Api. But this is an extreme option that is not flexible enough and involves a lot of programming work. I wanted get caller app with web-hook option, but it is unreal, becouse Internet will be unavailable during a call. It means, The desired contact must be downloaded to the phone before the call. Please, recommmend me Android app fore that. Any way for solving problem?
karpo518 said:
I have a custom CRM. I need to know client name, when he call to android devices. I find for easy way to get synchronization. I can customize server side, but cant build own android app for that. I need ready Android app. I believe that my need is widespread enough for such a program to exist. I look closely for Google Contacts Api. But this is an extreme option that is not flexible enough and involves a lot of programming work. I wanted get caller app with web-hook option, but it is unreal, becouse Internet will be unavailable during a call. It means, The desired contact must be downloaded to the phone before the call. Please, recommmend me Android app fore that. Any way for solving problem?
Click to expand...
Click to collapse
That's interesting stuff
([emoji3590]09-09-18[emoji3590])