Hi,
I'v a mi a3 device (android stock), and when I try to mirror the display to a wifi dongle (no program needed) I'v to fully disable netguard to let the mirror works....somebody knows which element is the cause of this so to let me enable just it.
I know that there's a paid option to see log the request, but I only need to know which element unlock just in this condition, so don't want to buy it only for this specific case....
Thanks
As you didn't provide any technical information, my guess would be that you're using Miracast. In such case, see here technical networking details and create rules accordingly:
https://documentation.mersive.com/content/topics/admin-enabling-miracast.htm
_mysiak_ said:
As you didn't provide any technical information, my guess would be that you're using Miracast. In such case, see here technical networking details and create rules accordingly:
https://documentation.mersive.com/content/topics/admin-enabling-miracast.htm
Click to expand...
Click to collapse
yes, I think I'm using miracast (it's not so clear in my language settings) it's enabled under the bluetooth options.
So how can I create a rules in netguard (as I sad I don't have the full version), cause to me seems that I can only enable or disable network traffics per app.
Thanks
utente.xda said:
yes, I think I'm using miracast (it's not so clear in my language settings) it's enabled under the bluetooth options.
So how can I create a rules in netguard (as I sad I don't have the full version), cause to me seems that I can only enable or disable network traffics per app.
Thanks
Click to expand...
Click to collapse
You need to open ports mentioned in the article. Either pay for full version of Netguard or use some free alternative. Also consider if you need a Firewall at all..
Related
PeerBlock is now available in the Google Play Store! https://play.google.com/store/apps/details?id=com.peerblock_new
For anyone who is having the first version of PeerBlock For Android, I lost my certificate key by accident and was not able to update the first one I've uploaded.
Please install this version if you want it more updated with a lot of bug fixes.
Some features might not work yet as it's still Work in Progress but the basic functionality is working.
PeerBlock For Android lets you control who your phone 'talks to' on the Internet.
By selecting appropriate lists of 'known bad' computers, you can block communication with advertising or spyware oriented servers,
computers monitoring your p2p activities, computers which have been 'hacked', even entire countries!
They can't get in to your phone, and your phone won't try to send them anything either.
And best of all, it's free!
Keep in mind that I'm not a member of the PeerBlock team, I just wanted PeerBlock for phone
You're able to grab the lists from iblocklist.com so you can start blocking those evil hosts
To add lists to PeerBlock create a new directory in the root of the sdcard (not external sdcard)
Called 'PeerBlockLists' here should be all the text files
Everytime you added a new/updated list to your PeerBlockLists please press the 'Rebuild cache blocklist' and reboot so that new hosts can be blocked
Running a Firewall? or no internet ?
Be sure you enable Input Chains and WiFi rules for PeerBlock for Android even if PeerBlock for Android does not use the internet or WiFi.
The internet permission is being used to inter process communication with the apps and service to see if a connection should be allowed or blocked.
WARNING:
Root is required for XPosed to be installed
Use at your own risk!
WORK IN PROGRESS. WILL EAT YOUR CAT.
Features:
Block million of hosts (upto billions)
Add unlimited amount of block lists
Allow HTTP/HTTPS Traffic when PeerBlock is enabled, this will make a security hole though so better if u keep it off
Block All Traffic (Paranoid Mode) every single application in android will not have internet
Block DNS - Block DNS Requests
Block the 'Ad' Keyword in host names to give a better success rate for blocking ad's
Have a history list of every application that connected to a host
Block a hostname/subnet/ip address from the history
No internet leaks at startup!
Show a notification when a connection is being blocked.
Show a notification when a new connection is being established.
If people wonder if this also works for the Galaxy Note3... yes it does I'm having one myself
How To use
1. Install XPosed Framework
2. Install PeerBlock For Android
3. Create a directory in the sdcard called "PeerBlock"
3. Create a directory in the PeerBlock directory a directory called called "PeerBlockLists"
4. Go into XPosed Framework Installer and enable "PeerBlock For Android"
5. Reboot your device
6. Now go to the website iblocklist.com
7. Take any list you wish for example, http://www.iblocklist.com/list.php?list=bt_ads
8. Press the Update button to download the list (or copy the Update URL into your browser to download it)
9. Now simply copy/paste the .txt file into the sdcard in the folder PeerBlockLists
10. Go to the main menu and hit the "Rebuild cache blocklist" button
11. Reboot your device and enjoy
New features in 1.04:
PeerBlock For Android is now using a Service to have it more stable and if the service is not running no app can communicate with the outside world.
More stability
Re-designed UI
Strange behaviour is fixed which people noticed
Quite a few bug fixes which people reported
Fixed most app crashes
Designed my own database format
Less format errors in rebuilding the cache list
@DragonHunt3r can we get gingerbread support plz?
It seems old problems still there : block ad hosts button still unchecked for example.
I cannot add a list thé button does nothing ?
Sent from my SM-N9005 using XDA Premium 4 mobile app
Wow this looks huge many thanks! Does anyone know if this plays nice with AdAway installed or should this be a direct replacement for AdAway?
lmike6453 said:
Wow this looks huge many thanks! Does anyone know if this plays nice with AdAway installed or should this be a direct replacement for AdAway?
Click to expand...
Click to collapse
You can replace AdAway with this or keep it side by side, it's your call really as AdAway is using the Hosts file and PeerBlock For Android is not using the hosts file
bournaze said:
It seems old problems still there : block ad hosts button still unchecked for example.
I cannot add a list thé button does nothing ?
Sent from my SM-N9005 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Same here, and if I select the 'Rebuild cache blocklist', all it seems to do is lock up the program.
Also, no mention on the YOLO test server being removed or not.
Hey there! What's happened? no play store, no apk, no xposed repo... no nothing... ?!
Conte Mascetti said:
Hey there! What's happened? no play store, no apk, no xposed repo... no nothing... ?!
Click to expand...
Click to collapse
Does anyone know of an alternative app to peerblock?
Since we just get ignored by the developer, and mysterious connections are constantly being made from the program.
xT29c said:
Does anyone know of an alternative app to peerblock?
Since we just get ignored by the developer, and mysterious connections are constantly being made from the program.
Click to expand...
Click to collapse
alt for PeerBlock - UnbelovedHosts
yespda2 said:
alt for PeerBlock - UnbelovedHosts
Click to expand...
Click to collapse
Thanks! I'll be using that until/if PeerBlock gets officially released to android.
Lost a user dragonhunter.
Welcome Back
DragonHunt3r said:
PeerBlock is now available in the Google Play Store! https://play.google.com/store/apps/details?id=com.peerblock_new
For anyone who is having the first version of PeerBlock For Android, I lost my certificate key by accident and was not able to update the first one I've uploaded.
Please install this version if you want it more updated with a lot of bug fixes.
Some features might not work yet as it's still Work in Progress but the basic functionality is working.
Click to expand...
Click to collapse
Hi Friend, where have you been? Long time no see on xda....I must say you were missed I know many fellas were disturbed with your app....so much so that they got old thread locked....but if it gives you any satisfaction I have been always using your app....though I missed your to do list....which I am sure now that you are back.....you can work upon
HTML:
Todo's
Check if UDP is getting blocked
Remove space used by Ad's
Add MAC-Address filter white/black lists
Show notifications (if enabled)
Making the Ip Range check multi-core
Create a blacklist/whitelist for apps to allow internet
Blocklist updater/downloader
Create a whitelist for hosts/Ip Addresses
Root-Mode with IpTables (I will not remove XPosed from the project)
Remove host from blocked hosts
A popup window which shows allow/deny for establishing a connection
that YOLO problem is yes definitely there...can you please remove....though I understand that your app wasn't using any permission even if it would I had DMZs (double checks) in place to get rid of any unwanted outgoing requests....even for PeerBlock....anyways back to the point....Your to do list was great....you should complete that :good:
Also, ask forum moderator to unlock that original thread as you are back in business
can you please post the link?
godofgeeks said:
Hi Friend, where have you been? Long time no see on xda....I must say you were missed I know many fellas were disturbed with your app....so much so that they got old thread locked....but if it gives you any satisfaction I have been always using your app....though I missed your to do list....which I am sure now that you are back.....you can work upon
......
Also, ask forum moderator to unlock that original thread as you are back in business
Click to expand...
Click to collapse
wow, could you cuddle Dragonhunter's balls any tighter?
Say I wanted to have the most secure Sony Xperia Z Ultra possible (without "too much" sacrifice of useability).
In the context of this thread I define security as broadly anything barring network anonymity ie. hiding your device public IP address.
So I want security from network attackers (eg. drive-by download, WiFi attacks), physical device attackers (eg. customs searching devices for IP violations ... no really, that's about to become a thing apparently, GF and/or mistresses) .
How would you do it?
Could you please use sections of
Code:
firmware
phone settings
app settings
behavior
because I want to curate the best answers from users in this post for the good of the forum.
My thoughts so far are:
Firmware:
Root is disabled
Bootloader should be locked.
^^ These I'm not sure about - see if we don't have root then we don't have iptable firewall and hosts level server blocking.
One recovery should be used
Honestly I'm not sure which ROM is more secure than another but I'm assuming the latest and greatest is more secure so that would be MM atm. No idea if Sony is more secure than another flavour of ZU Android.
Phone settings:
Developer options off
Sideload apps off
Do not connect to unknown WiFi
NFC Off by default
Bluetooth Off by default
PIN unlock required
Auto-lock ON
App settings: (this includes apps you should have/not have and their settings)
I figure every additional app that I don't use is a needless attack surface so start with no apps at all - uninstall everything. Only install what you use ... for which you need root unless the ROM is premade like this.
Firewall app (Netguard no-root Firewall, DroidWall if we have root)
Adblock (if we have root)
AV - honestly most mobile AV seems pathetic at being secure and not acting like malware (notifications, popup windows etc) but Avast at least seems to not hog resources.
-Auto update every app
User behaviour:
NEVER:
-install apps from anywhere other than Google Play. Or possibly FDroid
-let another person use your device
I'd like to hear your suggestions, critique and everything else, cheers!
So you're not gonna install from other than google play, then what ad blocker are you going to use? Where is adblocker connecting to?
You're talking about still having a lot of apps connecting through servers that you don't control.
morestupidemailnames said:
You're talking about still having a lot of apps connecting through servers that you don't control.
Click to expand...
Click to collapse
Well if you are worried about connecting to servers that you dont control - isnt that all servers?
At which point you may as well remove all WIFI and Mobile Data capabilities and just stick to 2G
panyan said:
Well if you are worried about connecting to servers that you dont control - isnt that all servers?
At which point you may as well remove all WIFI and Mobile Data capabilities and just stick to 2G
Click to expand...
Click to collapse
Exactly my point.
The op is a long winded question that leaves you with more questions.
Probably why there's been such a landslide of security tips here
My plan is to modify permissions for almost every app on my phone including system apps.
There will be 2 categories:
1. Apps that need to be able to phone home (Internet access, I guess).
(For those I want to block access to all my personal information / data.)
2. Apps that don't need to phone home.
(For those I just want to make sure the apps can't leak my data/information.)
Now let's say I want to prevent an app from accessing the Internet:
Is it enough to just tap the according check box? Because some of the 'functions' listed under that category don't get a check mark by default. Which of these functions do actually make sending/receiving data over the Internet possible?
I'm not an Android developer, so I don't know what all the 'functions' can potentially do/expose. What is your advice for people like me? Should I just disable all functions under a category that I want to restrict and see if it works? Or am I truly expected to become an Android developer and understand every single class member listed in the app? It would be nice to have a short explanation and assessment for each function.
Thx for reading, and please forgive my poor English.
The Greenify is the best app I had been used for cut-off apps. But I found that there are two problem:
(My phone is Xiaomi MI MIX 2S running MIUI 10 8.6.18 [Android O], with Greenify Version 4.1)
1. Can not create hibernation shortcut
When I tried to create a hibernation shortcut, the Greenify noticed that the creating was succeed. But I can not find out the shortcut in my launcher. Neither type of shortcut can be created. And I don't know why and how to fix it.
An additional detail:
when I used the permission manager to make sure that the Greenify need to request my approval to create a shortcut and then I tried to create a hibernation shortcut, there was no prompt box for requesting approval (Under normal circumstances there should be a prompt box). It seemed that somehow the Greenify did not work properly in shortcut creating.
2. Wake-up Tracker often disabled for unknown reasons
I enabled Wake-up Tracker and after a while I found that Wake-up Tracker had been disabled. Then I enabled again, after a while it had been disabled again.
Please tell me how to fix these problem, any guidance is appreciated.
AnnAngela said:
Thx for reading, and please forgive my poor English.
The Greenify is the best app I had been used for cut-off apps. But I found that there are two problem:
(My phone is Xiaomi MI MIX 2S running MIUI 10 8.6.18 [Android O], with Greenify Version 4.1)
1. Can not create hibernation shortcut
When I tried to create a hibernation shortcut, the Greenify noticed that the creating was succeed. But I can not find out the shortcut in my launcher. Neither type of shortcut can be created. And I don't know why and how to fix it.
An additional detail: when I set the Greenify need to request permission to create a shortcut and tried to create a hibernation shortcut, there was no prompt box for requesting permission ( Under normal circumstances there should be a prompt box ). It seemed that somehow the Greenify did not work properly in shortcut creating.
2. Wake-up Tracker often disabled for unknown reasons
I enabled Wake-up Tracker and after a while I found that Wake-up Tracker had been disabled. Then I enabled again, after a while it had been disabled again.
Please tell me how to fix these problem, any guidance is appreciated.
Click to expand...
Click to collapse
I am surprised by the details furnished by you including device details, though it is your first post. Usually it is a case of "Unable to create shortcut, anyone has any idea" sort of posts that we encounter. Thanks for providing the details, though I may not be able to offer solutions.
I also faced the Wakeup Tracker issue before I uninstalled Greenify, so I have no solution for this.
Reg. the creation of shortcut, try clearing the data and cache of Greenify/uninstall and reinstall etc. If none of them work, MIUI may be an issue since it reportedly heavily modifies the Android OS.
Having said that, I would advice you to uninstall Greenify and use your phone for a couple of days. You may be surprised by the way the phone behaves even without Greenify.
I am one of the votaries of the belief (with reason) that apps like Greenify are not needed on Oreo since the OS itself behaves very well. Unless you specifically find some app misbehaving which can not be controlled without apps like Greenify, simply enjoy your device.
tnsmani said:
I am surprised by the details furnished by you including device details, though it is your first post. Usually it is a case of "Unable to create shortcut, anyone has any idea" sort of posts that we encounter. Thanks for providing the details, though I may not be able to offer solutions.
I also faced the Wakeup Tracker issue before I uninstalled Greenify, so I have no solution for this.
Reg. the creation of shortcut, try clearing the data and cache of Greenify/uninstall and reinstall etc. If none of them work, MIUI may be an issue since it reportedly heavily modifies the Android OS.
Having said that, I would advice you to uninstall Greenify and use your phone for a couple of days. You may be surprised by the way the phone behaves even without Greenify.
I am one of the votaries of the belief (with reason) that apps like Greenify are not needed on Oreo since the OS itself behaves very well. Unless you specifically find some app misbehaving which can not be controlled without apps like Greenify, simply enjoy your device.
Click to expand...
Click to collapse
Yes, You may not know that, a huge of apps which developed by Chinese companies and provided to Chinese are designed strangely, they are trying their best to stay in background, call up each other and push AD messages in notification bar (sorry if I misspelled), and the companies have some agreements with Chinese OS provider such as Xiaomi to avoid killing their apps in background in Chinese version Android OS.
One of them is Alibaba, which has three most popular app in China, Taobao, Tmall and Alipay. But these three apps are designed to keep alive as much as possible and call up each other very frequently, just for push messages to introduce goods on Taobao and Alibaba's wide range of services, applications and merchandise. (BTW, I believe that a big part of app keep-alive technologies are developed by the programmers in Chinese companies.)
So maybe You can understand my pain. _зゝ∠)_
Adb permission
I need a help. How can i turned on wakeup tracker. I don't know how to give adb permission to greenify. Please post a video. Or screenshot step by step. Please help me. Its urgent for me. I am using Samsung galaxy j200G lollipop 5.1.1 ?
AvishekOfficial said:
I need a help. How can i turned on wakeup tracker. I don't know how to give adb permission to greenify. Please post a video. Or screenshot step by step. Please help me. Its urgent for me. I am using Samsung galaxy j200G lollipop 5.1.1 ?
Click to expand...
Click to collapse
Greenify version? Rooted? Xposed?
For my device details see signature block.
I assume you don't require a video how to search the web. Such a serach with the keyworks "greenify", "help" and "adb" provides e.g. following page at the very top that most likely satisfies your needs.
Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
I too would be interested to hear about anyones experience regarding this OS
johndoe118 said:
Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
Click to expand...
Click to collapse
I'm interested in this ROM too. I have a Pixel 3a. I haven't flashed it yet because I'm trying to find out what people's experiences are first. There doesn't seem to be a lot of posts about it. Did you ever flash it? Also, what do you mean by "hardcoded Google domains"?
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi. That was one reason why I lost interest in the ROM. The other was the limited device support and missing root access. I absolutely need access to the iptables. As a one-man show, the ROM can be adjusted at any time.
johndoe118 said:
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi.
Click to expand...
Click to collapse
Do you have some kind of reference for that? I'm using it now and would really like some proof to bring up in their subreddit as a WTF.
graphene seems great, no root does not
I don't want the bootloader locked.
I want Magisk extensions
I need root for LP _only_ to remove ads. Is there something like LP that allows (interactively) disabling app activities?
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
GrapheneOS leaves these set to the standard four URLs to blend into the crowd of billions of other Android devices with and without Google Mobile Services performing the same empty GET requests. For privacy reasons, it isn't desirable to stand out from the crowd and changing these URLs or even disabling the feature will likely reduce your privacy by giving your device a more unique fingerprint. GrapheneOS aims to appear like any other common mobile device on the network.
HTTPS: https://www.google.com/generate_204
HTTP: http://connectivitycheck.gstatic.com/generate_204
HTTP fallback: http://www.google.com/gen_204
HTTP other fallback: http://play.googleapis.com/generate_204
Click to expand...
Click to collapse
nay_ said:
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
Click to expand...
Click to collapse
Thanks, right from there
I have Graphene OS taimen-factory-2020.07.06.20.zip on my Pixel 2 XL.Under "System update settings" is "Check for updates" but nothing happens if I tap.Only the field becomes darker.Has someone experience with this?
Update with adb sideloading to 2020.08.03.22 works.
OTA update from 2020.08.03.22 to 2020.08.07.01 likewise.
I'm personally not a fan of these kinds of projects, they aren't really all that 'secure', you're still using proprietary vendor blobs and such
help please
Hello! In the description
I pointed out that you can change servers just not through the GUI.
Has anyone tried this?
```
Providing a toggle in the Settings app for using connectivitycheck.grapheneos.org as an alternative is planned. The option to blend into the crowd with the standard URLs is important and must remain supported for people who need to be able to blend in rather than getting the nice feeling that comes from using GrapheneOS servers. It's possible to use connectivitycheck.grapheneos.org already, but not via the GUI.
```
captive portal leak + location services data leak
Few points:
1. General idea is that privacy/security oriented OS (as graphene is advertised) should limit network activity as much as possible, and not ping google using captive portal service every few seconds providing perfect IP-based location to google
It is possible to switch it off, but should be off by default
2. Connections of android location services to get GPS constellations were shown before to send sim card imsi and connected cellular tower id to provider (qualcom/google):
"blog.wirelessmoves.com/2014/08/supl-reveals-my-identity-and-location-to-google.html"
Graphene still allows those connections (check their FAQ on website)
W/O root no way to switch this off. Even some devices ignore config files and still leak data (on the level of cellular modem most probably)
3. Android services make other weird connections. Example: AOSP dialler app is querying phone numbers against online database leaking all contacts to google. How was this taken care of in graphene? Are all AOSP services/apps security-verified to not leak any data?
w/o root no way to install afwall to block everything
Is graphene built-in firewall capable of blocking system services from network access?