So my school just recently said we can use tablets and laptops in class and around the school. They are willing to allow us to connect to the school's WiFi, but we have to give the dean the MAC address for our device.
I'd like to be able to keep some privacy, even though they say we have to waive our right to privacy if we decide to use electronics. I guess I'm looking for a few apps that can help me achieve this. Maybe a browser with an incognito feature like Chrome, or something that can cover what I'm doing online.
I also wanna know if there would be any way for me to access thinks like Facebook, Twitter, Youtube, Google Music, etc. through their respective app if the website is blocked.
If push comes to shove, I guess I could just tether with my GNex, but that would require an extended battery, which I would like to not have to buy.
Have you tried using the incognito tab option on the stock honeycomb browser?
Unless you are using some sort of vpn connection or encryption you have no privacy. I'd suggest remoting into your home desktop using splashtop or teamviewer and doing all your browsing on your desktop if you are worried about privacy that much.
They can see everything you do since it's a shared connection and they have access to the gateway and internet logs.
They are probably running a transparent proxy with logging (I would be if I were the sysadmin), so the incognito tab won't help.
But
Konfuddle said:
Have you tried using the incognito tab option on the stock honeycomb browser?
Click to expand...
Click to collapse
That does not do anything with the connection. It just dont cache anything in your browser. So that noone borrowing your computer can see that you have been watching porn.
But to OP: Get a vpn connection. Only way to get privacy on a wifi system.
SwiftLegend said:
So my school just recently said we can use tablets and laptops in class and around the school. They are willing to allow us to connect to the school's WiFi, but we have to give the dean the MAC address for our device.
I'd like to be able to keep some privacy, even though they say we have to waive our right to privacy if we decide to use electronics. I guess I'm looking for a few apps that can help me achieve this. Maybe a browser with an incognito feature like Chrome, or something that can cover what I'm doing online.
I also wanna know if there would be any way for me to access thinks like Facebook, Twitter, Youtube, Google Music, etc. through their respective app if the website is blocked.
If push comes to shove, I guess I could just tether with my GNex, but that would require an extended battery, which I would like to not have to buy.
Click to expand...
Click to collapse
whoa whoa whoa man... "incognito" has nothing to do with what you transmit online. it only prevents them from seeing what you have already done if they took your device
what you need is a secure VPN like goldenfrog.com, or use a secure proxy server. anything that puts a layer of encryption between you and the server will block out any man in the middle
noobs these days... incognito has NOTHIGN TO DO WITH WHAT YOU TRANSMIT DAMMIT
if you want, use opera and turn on the "turbo" feature. that will create a link to the opera servers and deliver compressed content. meanwhile, it will make it impossible for the school to decrypt anything it intercepts.
chatch15117 said:
if you want, use opera and turn on the "turbo" feature. that will create a link to the opera servers and deliver compressed content. meanwhile, it will make it impossible for the school to decrypt anything it intercepts.
Click to expand...
Click to collapse
Nope, opera turbo is a plaintext connection so still can be viewed, the only option is https for everything or vpn/ssh tunnels
Ok thanks for all the replies. I guess the easiest thing would be to tether with my phone. (Hopefully Verizon doesn't freak )
I guess I can try setting up a VPN (no idea how). I think my friend tried to, since he owns a bunch of servers, but the school blocks almost every port.
Could using a vpn connection be considered
using Proxies, Caching Servers or any others means to circumvent restrictions placed on
the school’s IT network and internet access
Click to expand...
Click to collapse
DroidSheep anyone hahaha
unless websites like Facebook and such are blocked haha
Is there a way to spoof the MAC?
Scribed in blood using XDA Premium
Dan_Brutal said:
Is there a way to spoof the MAC?
Scribed in blood using XDA Premium
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?t=1385577
Dan_Brutal said:
Is there a way to spoof the MAC?
Scribed in blood using XDA Premium
Click to expand...
Click to collapse
Yes but I would bet the reason why they want the MAC address is for WIFI access. You could spoof someone else's MAC but school's aren't known for having hard facts before disciplining students. If they think it is you, you will get in trouble.
I would recommend using TOR if you want to protect your privacy. Download Orbot from the market.
Cheers!
-M
Xda member since 2007
Considering the schools budgets these days, you probably have nothing to fear as far as privacy goes.
Sure they are logging your wifi usage, but no one is monitoring it! All the logging allows them to do, is to look at where you went and when AFTER they have a reason to start looking.
Unless they hired someone specifically to start monitoring students, no one is ever going to look at your logs.
Sure they could put in alerts to let them know when any user goes to site xyz, but odds are they simply have blocked it.
One of the main reasons they are logging things is if say perhaps a teachers online grades were 'hacked', and the IP was traced back to their own servers, they'd have a way to identify which user was using that connection.
Many ISPs already log your internet access as well, but it's at such a low level that no one looks at it (though there are privacy laws to prevent them from looking directly in those cases).
Bottom line.. is if you're not doing anything illegal (torrenting, sending nude pics of yourself, harassing other students via text/email) then you have nothing to worry about, and odds are you won't even be noticed.
DroidGnome said:
Bottom line.. is if you're not doing anything illegal (torrenting, sending nude pics of yourself, harassing other students via text/email) then you have nothing to worry about, and odds are you won't even be noticed.
Click to expand...
Click to collapse
I partially agree. If you use the schools network for normal stuff you shouldn't have anything to hide.
But Co-students are a great security risk. Both willingly and unwillingly. In these days with loads of malware floating around jumping from computer to computer via security flaws in networked devices. Students may also try to hack your device just for fun.
If you have sensitive data you really should encrypt your traffic in one way or another when connected to a network with unmanaged and unknown devices.
DroidGnome said:
Considering the schools budgets these days, you probably have nothing to fear as far as privacy goes.
Sure they are logging your wifi usage, but no one is monitoring it! All the logging allows them to do, is to look at where you went and when AFTER they have a reason to start looking.
Unless they hired someone specifically to start monitoring students, no one is ever going to look at your logs.
Sure they could put in alerts to let them know when any user goes to site xyz, but odds are they simply have blocked it.
One of the main reasons they are logging things is if say perhaps a teachers online grades were 'hacked', and the IP was traced back to their own servers, they'd have a way to identify which user was using that connection.
Many ISPs already log your internet access as well, but it's at such a low level that no one looks at it (though there are privacy laws to prevent them from looking directly in those cases).
Bottom line.. is if you're not doing anything illegal (torrenting, sending nude pics of yourself, harassing other students via text/email) then you have nothing to worry about, and odds are you won't even be noticed.
Click to expand...
Click to collapse
Bored teachers/faculty get up to practically anything and snooping on students is apparently a great sport. Everywhere that has a computer lab has someone doing IT and just think about that for a minute...someone doing IT at a high school, the personality of that person. You don't have to be doing anything illegal to get into trouble with your school. A casual google will reveal all the lawsuits students have brought against schools for violating their privacy. Do yourself a favour and use Orbot.
Cheers!
-M
Xda member since 2007
dragon_76 said:
Bored teachers/faculty get up to practically anything and snooping on students is apparently a great sport. Everywhere that has a computer lab has someone doing IT and just think about that for a minute...someone doing IT at a high school, the personality of that person. You don't have to be doing anything illegal to get into trouble with your school. A casual google will reveal all the lawsuits students have brought against schools for violating their privacy. Do yourself a favour and use Orbot.
Cheers!
-M
Xda member since 2007
Click to expand...
Click to collapse
it is great fun, but also remember that code of conduct that you and your parents sign at the start of the year states that we do have the right to make sure you are using the internet provided by the school for school purposes only
Can't you use 3G connection from your phone instead of the school WiFi?
As far as getting on facebook if it's blocked....
If you type httpS://facebook.com it will usually let you in. They have blocked several websites at my office, but I can still get into them using this trick. Sometimes, you will have to add the "S" after navigating through the websites, but still will let you get in. So, just use your web browser (not the facebook app), and type s. I believe most people don't block secure websites.
SwiftLegend said:
So my school just recently said we can use tablets and laptops in class and around the school. They are willing to allow us to connect to the school's WiFi, but we have to give the dean the MAC address for our device.
I'd like to be able to keep some privacy, even though they say we have to waive our right to privacy if we decide to use electronics. I guess I'm looking for a few apps that can help me achieve this. Maybe a browser with an incognito feature like Chrome, or something that can cover what I'm doing online.
I also wanna know if there would be any way for me to access thinks like Facebook, Twitter, Youtube, Google Music, etc. through their respective app if the website is blocked.
If push comes to shove, I guess I could just tether with my GNex, but that would require an extended battery, which I would like to not have to buy.
Click to expand...
Click to collapse
lilstevie said:
it is great fun, but also remember that code of conduct that you and your parents sign at the start of the year states that we do have the right to make sure you are using the internet provided by the school for school purposes only
Click to expand...
Click to collapse
The internet provided to the schools by tax payers and/or tuition you mean. You have a wretched problem that is rampant in American schools: you think you own the school's resources. They are owned by the community.
Cheers!
-M
Xda member since 2007
So the administration announced today the final policy and they won't be allowing WiFi access until next September because they want to expand the network. I'll probably just be tethering for the mean time.
Oh yeah, there's only 2 IT guys in my school (lol). One stays in a glass room in the back of the computer lab, and the other comes to classrooms to install projectors and crap.
Related
I hope this time it's the correct forum.
So long story short.
I've written an app that allows to hijack FaceBook profiles over the WiFi. So when you're connected to WiFi you can "hack" into other users profiles. It doesn't work for profiles using SSL (yes you have that option in FB). So it can be treated as a "bad app". BUT! it is not dangerous for the one using it. I am aware that this is "questionable" application, but is there any other way to tell people - "HEY! use secure connections, it is not safe to use public WIFI!". I'd bet that a lot of you don't use SSL now and after using/reading this app you will turn SSL on.
That could be the #1 reason for deleting my app.
The second one is that I've put a 'demo' app in the market with a limit to sniffing only 3 profiles. But you could buy it through paypal. And today I've found out that this also could lead to app deletion. However i've bought launcherpro through paypal so I don't see why my app was removed in less than 24 hours.
What is your opinion and what can I do to sell my app somehow (i need my 25$ back that I've paid to register in google wrr...). Is there an option I could do put it in market without google deleting it like putting a disclaimer or something? The app itself is safe for the user downloading it.
Edit: If I put a link to this app here will this thread be deleted? If so, is there an option to promote it here?
Per forum rules, link removed
bponury said:
I've written an app that allows to hijack FaceBook profiles over the WiFi
Click to expand...
Click to collapse
There's your answer.
JamesC_ said:
There's your answer.
Click to expand...
Click to collapse
+1 on that
if it allows you to hijack fb you can steal other information from the users account so why would they allow it and put themselves into a legal bind for doing so
JamesC_ said:
There's your answer.
Click to expand...
Click to collapse
So if it wasn't for this app you would be safe? No, facebook is ignoring users privacy and this app is nothing more then a good way to show people what could be the cost of not using secure connections. Of course this can be used in a bad way, a lot of apps can. Like sms bombing or phone number spoofing. But they are not removed from the marked do they?
Ethics
And even worse you want to get paid for it.
wdl1908 said:
Ethics
And even worse you want to get paid for it.
Click to expand...
Click to collapse
Yes, I know what ethic is however we're not living in a perfect world and just believing that everyone is good and ethical so I can just leave my door open when leaving the house is not going to protect me against the reality. I believe in http://en.wikipedia.org/wiki/Full_disclosure and this case is even better because FaceBook is aware of the problem and just ignore it. A few people are aware that there's an option to use SSL on facebook. In my opinion FB should just get it done right and force users to use it. It's not a problem these days right? And what is wrong in getting paid for my work. I've spent some time developing it. Security by obscurity is not working, really. Take my app for example it would take max 1h to crack it. It's not security it's just being to lazy to secure it. And hoping that no one would care to crack it.
sms bombing is not hacking someones account! you are just spamming someone with messages.
even if it is down to fb to let people know about security, the market owners can be sued for allowing such an app on the market. there are better ways of showing a person how unsecure a connection is without punishing them in such a way.
the secure connection is useful for public connections but some people may not want or need to use it at home so they have the ability to switch it on or off. apparently there are issues with some games on fb that are linked in with the use of the secure connection.
traumatism said:
sms bombing is not hacking someones account! you are just spamming someone with messages.
Click to expand...
Click to collapse
People are killed for spamming in russia (http://www.theregister.co.uk/2005/07/26/russian_spammer_killed/)
And what about spoofing caller id? AFAIK that things are valid in court cases in Poland.
traumatism said:
even if it is down to fb to let people know about security, the market owners can be sued for allowing such an app on the market. there are better ways of showing a person how unsecure a connection is without punishing them in such a way.
the secure connection is useful for public connections but some people may not want or need to use it at home so they have the ability to switch it on or off. apparently there are issues with some games on fb that are linked in with the use of the secure connection.
Click to expand...
Click to collapse
I don't know how to tell people - secure yourself any other way. I know i'm devils (myself) advocate right now, but really do you think that forgetting about insecurity is a good way? I don't force anyone to use it in a bad way. But after I showed how it works in my house all my room-mates turned SSL on instantly. And they were not mad about it, shocked a bit but now they are safer now. Sure you can just tell people - hey turn ssl on and 90% of them will ignore you. But when you show them - look! i can see your messages that easily if you don't do it. Then they would listen.
haha! So, if someone got a gun and went around shooting people in cars to proove that they should actually have bullet proof windows and burst-proof tyres, that it's all ok, and not in any way shape or form, illegal?
ha. ha.
infact op ip should be reported to facebook
By nature I wouldn't go near this app. If its collecting other peoples info I could be collecting my own. Thats how I see it logically ... people always get screwed when they are doing something they shouldn't be doing.
There is a place for all apps in this world be they good or bad. You could always host a site and put it on there. I wouldn't go near it cause once again I'd be afraid of whats laced on that site.
I was just providing another point of view to the convo.
MarkusPO said:
haha! So, if someone got a gun and went around shooting people in cars to proove that they should actually have bullet proof windows and burst-proof tyres, that it's all ok, and not in any way shape or form, illegal?
ha. ha.
infact op ip should be reported to facebook
Click to expand...
Click to collapse
So if you have a car that can be opened by someone who has a screwdriver wouldn't you want car manufacturer to secure your car. Buying a bulletproof car isn't exactly the same as pushing a button in a web browser isn't it? And you're comparing killing a man to posting "I'm a jackass on someones FB wall". But still, you can buy a gun right? Also pretending that there's no problem isn't fixing a problem.
And hey, this app isn't new you know, if it wasn't for this thread maybe you wouldn't know that people use this apps on PC's maybe one day you would find that all your mail is gone (yes, this app could be modified to work with other sites like this forum). And ask yourself wouldn't you be pissed if you've found out that anyone using your network could get into your bank account? Well I would. But most (all?) banks use SSL by default. Google does. Why FB doesn't?
hazard99 said:
By nature I wouldn't go near this app. If its collecting other peoples info I could be collecting my own. Thats how I see it logically ... people always get screwed when they are doing something they shouldn't be doing.
There is a place for all apps in this world be they good or bad. You could always host a site and put it on there. I wouldn't go near it cause once again I'd be afraid of whats laced on that site.
I was just providing another point of view to the convo.
Click to expand...
Click to collapse
Yes, in fact it needs root to modify iptables and send raw arp messages and I know people get scared when an app needs root. If someone is interested I could write here how it's done and anyone could write it. It's actually nothing magical.
I wrote this app as a project for my mobile programming class. In the first version it also sniffed for Gadu-Gadu messages (it's a polish messenger). But I sure hope that when and if this app let's loose than FB will react and enable ssl by default. Maybe other websites will use it too. It's just that easy to protect your users, I don't understand why they don't do it?
most people who do not want their details stolen, do not use public access internet. does FB take money transactions over their site?
google does and the banks do so they will have a secure section. fb may do this using paypal or google checkout or otherwise so may not need the ssl that the banks need. sure it still renders people vulnerable to attack and theft of other information but even so that information is very limited dependant on the user of the account.
traumatism said:
most people who do not want their details stolen, do not use public access internet.
Click to expand...
Click to collapse
Yes, so other people want their details stolen? You are aware of the problem 'cause your "into computers" but out of 500 milion fb users how many of them ever heard of SSL? How many know that they are unsafe?
well with the amount of messages being spread on fb already about this i think more people will know, but to let people know only by stealing their details is pathetic. sure you may have made this app for a project but why give other people the power to do this. all you are doing is providing more uses for those who like to make other peoples lives a misery. the best thing that could be done with this is to let the website provider know how unsecure their system is. especially if you are aware of the issue and are bothered by it. i know i'd do the same. if that didnt work, sure i'd tell people about it but i wouldnt sell an app on to others so they can make use of it. not even for free.
traumatism said:
well with the amount of messages being spread on fb already about this i think more people will know, but to let people know only by stealing their details is pathetic. sure you may have made this app for a project but why give other people the power to do this. all you are doing is providing more uses for those who like to make other peoples lives a misery. the best thing that could be done with this is to let the website provider know how unsecure their system is. especially if you are aware of the issue and are bothered by it. i know i'd do the same. if that didnt work, sure i'd tell people about it but i wouldnt sell an app on to others so they can make use of it. not even for free.
Click to expand...
Click to collapse
Sure I could write an e-mail to facebook, but this issue is known for years! http://en.wikipedia.org/wiki/Session_hijacking I am sure FaceBook is aware of it. In fact they've enabled SSL only a month ago (maybe two months) but why it isn't enabled by default?
who knows. perhaps issues with other applications on the website, or applications made to access facebook. they may have left it so they can cater for other applications for and on the site. only they can answer that question.
anyway, he just showed the spirit of a developer and created something new
he never told anyone "hey go hack facebook profiles" or "sniff those profiles, its fun"
he just showed the possibilites of android development and did nothing wrong in my opinion
it's not his fault if facebook is unable to close a security leak known for a long time
yeah dont get me wrong blezz i understand that completely. but the argument was as to why they would remove it. legality reasons would be tne main issue. to cover their own backs as they can in fact face legal action for allowing the app to become available in their market.
I don't see anything wrong with the app.
It shows the flaws of facebook, and the fact that no one in facebook cares enough to do anything about it. But then I understand whygoogle would remove it... If facebook decided to sue for this google would be sued not YOU.
so it would be best if you released it HERE on xda rather than the market
I'm using my transformer at school and the school is providing wifi to its students. But there are apparently some odd restrictions associated with it. No app of mine is allowed to access the internet with the exception of browsers and also I'm not allowed to download anything (it just says "download unsuccesful" no matter what I download or from where). I've tried to look for a reson for this and I found out that it might be some firewall settings on the computer that is hosting the wifi, I also asked the school's IT guy and he said that it's likely to be the reason. But the thing is that all the people with computers and iPhones can use applications that use the internet with no problems at all. This makes me think that the wifi host regards me as dangerous or suspicious for some reason, and because it does allow computers and iPhones to use apps that access the internet and are allowed to download files, I think that it might be fixable. Perhaps there are some particular settings that make the wifi host's security to regard me as dangerous and doesn't allow my apps to go to the internet. So what do I have to do for my apps to be able to access the internet and to be able to download files? I really want to know this, because many of the useful apps require internet and by not using them I'm not taking the full advantage of the device. I should also mention that my tablet is running 3.2.1.
But have you tried asking them about letting you use your "netbook" on their netbook. What's the worst they can do? say NO TABLETS ALLOWED? Because unless they know your exact MAC address, they probably won't be able to do anything about it. In my old school, I brought up that I would like to connect my windows mobile device to their network (when I was using it as an mp3 player) and they said sure (they had terrible firewalls which blocked most every site that was fun). Sometimes, the best kind of hackery is the social kind.
Dyskmaster said:
But have you tried asking them about letting you use your "netbook" on their netbook.
Click to expand...
Click to collapse
What do you mean by that?
norsul said:
What do you mean by that?
Click to expand...
Click to collapse
I guess his telling you to ask for permission to use your netbook on their network.
Well first of all I'm using a tablet running android 3.2.1. And I'm kind of confused by your use of the word network, because I said that I can use the school's wifi network for students, but only to some extent, meaning that none of my apps with the exception of the browser are not allowed to access the internet e. g. android market, google translate don't work, they just say that they are unable to connect to the network or something similar. Also downloading any file from anywhere is not allowed, it says download unsuccessful. But iPhone user's apps work perfectly fine. From this I concluded that there must be something about my tablet that makes their security think my apps are dangerous and therefore blocks them, and that because there is no such problem on iOS, I thought that the might be something wrong with my end, and that it it fixable. And my question was what do I need to do to fiz this? I hope that clarifies my point.
statsminister said:
I guess his telling you to ask for permission to use your netbook on their network.
Click to expand...
Click to collapse
yes, thanks, I was kinda in a hurry when I typed that
Ask your school's IT department. Network configurations can be quite complex, and without knowledge of how or what they're blocking- it's hard for us to help. IT would know the issue better, or at least give the explanation as to why it isn't working. For instance, last year at my college nothing but computers were allowed to connect to the wifi. Such control can be done on the network side, and it may not be your tablet's fault.
Have you any friends with an Android device, or better yet android tablet?
I did ask the IT guy and he said that he has no control over the security settings, because it's a network across all of the schools in the city, not just the school in which I am.
Hey, I've tried using dropbox at school and then it says "cache access denied", maybe that can somehow clarify my problem.
settings
Have you set your settings/applications to allow unknown sources (ie is it ticked).
Colin
colint3 said:
Have you set your settings/applications to allow unknown sources (ie is it ticked).
Colin
Click to expand...
Click to collapse
That's only to allow installing apps not from the Market (sideloading). It has nothing to do with an app working or not.
Haven't you ever heard of proxy and content filtering?
Schools often set up proxies to restrict certain sites and content from working on their networks. They do it for a variety of reason, including bandwidth conservation, content filtering, network security, etc.
More than likely, they have blocked anything that they deem unnecessary. That means that probably only port 80 is allowed (the http port), possibly a few others for https, pop3 and imap for email, etc.
However, if you're a more advanced user, you can probably bypass right past all of this stuff by setting up your own proxy, or using encapsulation (like nstx or icmptx) to bypass their proxy by encapsulating other services inside DNS or ICMP traffic which are usually allowed to bypass the proxy at school. Like I said though, these are advanced techniques and require you to research and set it up yourself.
a.mcdear said:
Haven't you ever heard of proxy and content filtering?
Schools often set up proxies to restrict certain sites and content from working on their networks. They do it for a variety of reason, including bandwidth conservation, content filtering, network security, etc.
More than likely, they have blocked anything that they deem unnecessary. That means that probably only port 80 is allowed (the http port), possibly a few others for https, pop3 and imap for email, etc.
However, if you're a more advanced user, you can probably bypass right past all of this stuff by setting up your own proxy, or using encapsulation (like nstx or icmptx) to bypass their proxy by encapsulating other services inside DNS or ICMP traffic which are usually allowed to bypass the proxy at school. Like I said though, these are advanced techniques and require you to research and set it up yourself.
Click to expand...
Click to collapse
No, I do not no anything about proxy or content filtering, but I remember when I was connecting to the wifi network of the school I was asked to configure the proxy settings by putting some ip address ( I presume that it is an ip adress because it looked like one) and writing 8080 in the port field. If I didn't configure it like that, the internet would simply not work. Could you please tell me where I could educate myself about bypassing proxies or is i a matter that would require a very long time to learn and a lot of prerequisite knowledge?
And by the way, are you sure that this could be done on a tablet? All of that fiddling around seems to require a considerable degree of control which android may lack, or would rooting give me that control?
norsul said:
No, I do not no anything about proxy or content filtering, but I remember when I was connecting to the wifi network of the school I was asked to configure the proxy settings by putting some ip address ( I presume that it is an ip adress because it looked like one) and writing 8080 in the port field. If I didn't configure it like that, the internet would simply not work. Could you please tell me where I could educate myself about bypassing proxies or is i a matter that would require a very long time to learn and a lot of prerequisite knowledge?
And by the way, are you sure that this could be done on a tablet? All of that fiddling around seems to require a considerable degree of control which android may lack, or would rooting give me that control?
Click to expand...
Click to collapse
OK yeah you are going through a proxy then. The good news is, that because you have to configure it manually, they probably aren't using transparent proxy which can make it easier to bypass.
Getting nstx or icmptx working natively on Android should be possible in theory as both are lightweight and designed to work in Linux... perhaps it can be made into a module that can be activated/deactivated with a shell script, or added to a custom kernel.. obviously this would require a rooted tablet to accomplish.
The other required part of the equation is a computer accessible from the internet, which you can set up install a DNS server and nstx on.
If you manage to get it all working correctly, set your home IP address as your proxy instead of your schools proxy, and you should be able to get through. It should also work to let you access the web for free at places like Starbucks or at hotels where the web is normally routed to a site where you have to pay for web access.
Good luck!
a.mcdear said:
OK yeah you are going through a proxy then. The good news is, that because you have to configure it manually, they probably aren't using transparent proxy which can make it easier to bypass.
Getting nstx or icmptx working natively on Android should be possible in theory as both are lightweight and designed to work in Linux... perhaps it can be made into a module that can be activated/deactivated with a shell script, or added to a custom kernel.. obviously this would require a rooted tablet to accomplish.
The other required part of the equation is a computer accessible from the internet, which you can set up install a DNS server and nstx on.
If you manage to get it all working correctly, set your home IP address as your proxy instead of your schools proxy, and you should be able to get through. It should also work to let you access the web for free at places like Starbucks or at hotels where the web is normally routed to a site where you have to pay for web access.
Good luck!
Click to expand...
Click to collapse
That sounds awesome maybe you could make the app id buy it
I found two apps on the android market : proxydroid and ssh tunnel, do you think they would help me to bypass the school's proxy?
And by the way, how legal is this business? I mean I doubt that the school would send be to jail for using google translate but I'm still curious.
Legal issues are a potential problem, but its doubtful it would ever be a problem at school. Setting this up on your tablet certainly isn't illegal in itself, but if you're stealing wifi that you would otherwise have to pay for, you CAN get yourself in quite a bit of trouble if you get caught.
a.mcdear said:
Legal issues are a potential problem, but its doubtful it would ever be a problem at school. Setting this up on your tablet certainly isn't illegal in itself, but if you're stealing wifi that you would otherwise have to pay for, you CAN get yourself in quite a bit of trouble if you get caught.
Click to expand...
Click to collapse
Ok thanks, wifi network in the school is free for all students so I should be ok. But what about those apps I mentioned before?
And how would I protect myself from geting caught and what is the likelyhood of me getting caught? Can they immediately notice it if someone's trying to bypass their firewall or not? I should point out that the it manager in our school knows quite little about the sexurity system or ao he told me when I asked him whether my problem is somehow connected to their security settings, but the network is not pwned by the school, it's owned by the city and it is present in many schools beside mine, so I think that they might take their security seriously. So basically what I am trying to say is that if I investigate this matter, come there and bypass the proxy so that the youtube app works, is it likely that I am going to get caught, and if yes then what are the ways of minimising the risk (please bear in mind that I have not experience in this)? I'm asking this because I think it's not a very good idea to just walk in and hack the network without any experience and expect that there is no possibility of getting caught.
No neither of those apps are really the solution to your problem. There isn't currently an app for Android that will set up encapsulation like I'm talking about.
And yes, your IT manager at school "might" be able to catch you, but only if he's specifically looking for it. What this basically does is encapsulate your regular IP traffic inside DNS packets (or pings for the icmptx method), which are generally allowed to pass through firewalls and content filters. Basically, it is detectable if your network administrator is looking in the right place and knows his stuff. There would either look like a constant stream of DNS requests from a particular IP on the school network, or a constrant stream of ICMP traffic (pings) being sent out. However both ICMP and DNS are normal for any network, so its also equally possible that the administrator never notices that anything is wrong at all...
Some more sophisticated networks may employ transparent DNS or transparent proxy, which would make these efforts much harder. Transparent proxy is able to intercept any traffic and force it through the proxy at school, while transparent DNS is able to intercept DNS traffic and force it to use a specific DNS server regardless of settings on your tablet.
Like I said in the beginning though, these are really advanced networking tricks that certainly aren't easy to set up, even when all the components are readily available.. its possible they haven't even been attempted yet on an Android device. That said, it shouldn't be difficult to port either icmptx or nstx over to Android for somebody with the requisite programming skills.
Hey there folks...this is kind of a more general internet question, but since I have a wi-fi only Xoom, figured there might be others out there in the same boat.
My Xoom is connected to all kinds of Google services (gmail, reader, calendar, etc.).
If I go to a hotel and connect it to the public wi-fi, how "dangerous" is it?
I'm assuming web surfing on public wi-fi, particularly if entering passwords or account numbers, is likely very dangerous if people are sniffing.
But how dangerous is it to have the general Google services going in the background? Are they all more or less encrypted?
(I know another possible answer is "don't worry about it, because if anybody wants to get your stuff, they'll get your stuff. )
Any experiences would be helpful...thank you!
- Eckless
would not worry
Yeah, don't worry about it. You're safe by any reasonable definition of the word.
It's extremely dangerous. Even if you have ssl turned on for all your google services, there are far too many other types of attacks that are trivial to pull off on a public wifi. Either don't do it at all, or do it with a vpn. For example, if you have a home wireless router that's capable of openwrt or ddwrt, set it up with ipsec/l2tp vpn and remote into it. Not perfect, but a hell of a lot safer than freeballing on a public wifi.
Sent from my Xoom using xda premium
Tether off your phone or connect to vpn first. Everytime I find an open network first thing I do is...
Code:
su
bt5
airmon-ng start wlan1
airodump-ng -w opendump wlan1
But that's just me
AHinMaine said:
It's extremely dangerous. Even if you have ssl turned on for all your google services, there are far too many other types of attacks that are trivial to pull off on a public wifi. Either don't do it at all, or do it with a vpn. For example, if you have a home wireless router that's capable of openwrt or ddwrt, set it up with ipsec/l2tp vpn and remote into it. Not perfect, but a hell of a lot safer than freeballing on a public wifi.
Sent from my Xoom using xda premium
Click to expand...
Click to collapse
unless you ssl all your packets all the way to their destination, they can be collected on any router they bounce thru and reassembled and analyzed, after they leave your tunnel, they are wide open for inspection.
just like when the government was collecting all them phone calls a few years back,
I would be more concerned from side loading a app or a malicious app from the market.
don't worry about hopping on your friend's router or the router at McDonald's, unless your the james bond type lol
---------- Post added at 08:56 PM ---------- Previous post was at 08:53 PM ----------
bigrushdog said:
Tether off your phone or connect to vpn first. Everytime I find an open network first thing I do is...
Code:
su
bt5
airmon-ng start wlan1
airodump-ng -w opendump wlan1
But that's just me
Click to expand...
Click to collapse
your a peeker lol
liftman- said:
unless you ssl all your packets all the way to their destination, they can be collected on any router they bounce thru and reassembled and analyzed, after they leave your tunnel, they are wide open for inspection.
just like when the government was collecting all them phone calls a few years back,
I would be more concerned from side loading a app or a malicious app from the market.
don't worry about hopping on your friend's router or the router at McDonald's, unless your the james bond type lol
Click to expand...
Click to collapse
Partially correct, though a naive statement regardless. The whole the-government-can-see-it-no-matter-what-so-why-bother approach may be valid if you're talking about swapping state secrets and plotting against world leaders. It does nothing if you're simply trying to keep your accounts safe from thieves of any sort.
Keep in mind that thieves almost always need people to click links, so they love to start by breaking into people's social accounts. People are much more likely to click a malicious link from a friend than a stranger. So while on the surface it may not seem like a big deal if your facebook account gets hacked, you're letting apathy put every one of the people in your contact list at risk.
bigrushdog said:
Tether off your phone or connect to vpn first. Everytime I find an open network first thing I do is...
Code:
su
bt5
airmon-ng start wlan1
airodump-ng -w opendump wlan1
But that's just me
Click to expand...
Click to collapse
I'm curious - can you point me in the right direction to find out more about this? 'bt5' isn't a recognised shell command for me, heh.
Edit: assuming you're talking about doing this on Android.
TheStickMan said:
I'm curious - can you point me in the right direction to find out more about this? 'bt5' isn't a recognised shell command for me, heh.
Edit: assuming you're talking about doing this on Android.
Click to expand...
Click to collapse
Hint - http://forum.xda-developers.com/showthread.php?t=1280601
SlCKB0Y said:
Hint - http://forum.xda-developers.com/showthread.php?t=1280601
Click to expand...
Click to collapse
Aha! I saw this before, but didn't read into it too much. Thanks!
AHinMaine said:
Partially correct, though a naive statement regardless. The whole the-government-can-see-it-no-matter-what-so-why-bother approach may be valid if you're talking about swapping state secrets and plotting against world leaders. It does nothing if you're simply trying to keep your accounts safe from thieves of any sort.
Keep in mind that thieves almost always need people to click links, so they love to start by breaking into people's social accounts. People are much more likely to click a malicious link from a friend than a stranger. So while on the surface it may not seem like a big deal if your facebook account gets hacked, you're letting apathy put every one of the people in your contact list at risk.
Click to expand...
Click to collapse
I have played with the with ddwrt and turn my leech neighbors pgs upsided down, played with all the "security suites" as many others have, done the war driving ... I understand your point, but I have been hoping wifi every work day for ever and a day and never have had a issue, this doesn't mean that tomorrow I might get it, but imo I will get hit buy a car first.
beside I do not use Facebook lol, and all my family with facebook have already been hack lol
peace
Dev @anonify came up with a seemingly awesome app called Orxy, with paid add-on Orxify; together they integregrate your droid's built in VPN capabilities with the IP-scrambling, onion accessing power of Orbot. It's quick, its easy, its very fast.
However, many hours of searching and I still can't tell if this is really a secure way to access the Deep Web.
For a start, you have to buy a monthly subscription through the Play Store in order to tunnel your data and hide the fact you are using Orbot. So Orxy has your Google details (who evidently have your bank/personal information) right off the bat. That's OK, I guess, theres nothing inherently wrong with that.
However, the difficulty for me arose when saw this article - www.deepdotweb.com/2014/07/08/is-your-vpn-legit-or-****
So - if you use this app, will your IP addresses, logon/off times, or bandwidth usage be logged somewhere? Is that possible with the native Android VPN, whether locally or by Orxy? Can, as in the above article, someone be subpoenaed to give up said information? Or worse, can it be found locally on your machine if it fell into the wrong hands?
Basically, if you want good privacy and security on the Deep Web, will you be OK using this app, or is it infinitely better to use a third party VPN which takes Bitcoin payments and stores absolutely nothing?
Personally, why use a phone for it? Just pay for a vpn, run tor, tweak other settings and viola, explore freely. Your isp will see encrypted traffic coming for your IP but not see you using tor
Sent from my Oneplus One using Tapatalk
I would also recommend using a computer
Lähetetty minun A0001 laitteesta Tapatalkilla
Well I wanna be able to look at an AK-47 for sale on the way to or from work, cos that's when I most feel like owning one (joke)
But seriously. For the same reasons we use a phone instead of a computer for so many things - portability. Smaller, better battery life - cheaper. All these things.
Also I believe there to be far more security flaws with the major OS's, so in theory Android is more secure. Or might be. That's what I'm trying to find out, anyway
When using just orxy/orxify, everything (in terms of traffic) happens locally on your phone. The app doesn't store anything or contact any external service. Just routes traffic through tor running locally on your phone. Security here depends on what you have running on your phone and who has access to it. With tunneling, the app contacts an external proxy with the outgoing tor traffic with an extra layer of encryption. I made a diagram here:
http://forum.xda-developers.com/showpost.php?p=65332501&postcount=366
The proxy does not log IPs. It only sees encrypted tor traffic, so it can't know the data or the destination. At most, someone with access to the proxy would know that a connecting IP is accessing Tor. If they know that IP is yours, then they would know you were connecting to tor, but not what you were doing (within the limits of tor security). They would have to gain access to the proxy while you were actively tunneling tor to do this.
Started getting this while browsing the web on my pixel. I just contacted Google support who said it's not from them. It's just an ad wanting you to download their anti-virus app. Can't wait to root my phone so I can put an ad blocker back on.
There's BILLIONS of similar scams around to that. The obvious giveaway (I mean besides how obviously fraudulent it is), is the grammar.
You can also recognize it based on the fact that the DOMAIN NAME is some kind of nonsense. Anybody can add whatever subdomain they want to any domain they have control over. For instance, if you own the domain name "stupidscammers.com", you can create a layer of subdomains that look like "www.google.com.google-security.this.is.really.google.i.really.promise.stupidscammers.com"
The only part of that that might be *slightly* convincing for an ABSOLUTE NOOB, is that it was able to identify your operating system as "Android" -- well, that is obtained from an identifier string that your web browser sends out to web servers so that the web servers can generate appropriate content that is compatible with your device. It is called the User-Agent, and it does not contain any identifying details. It just tells the server what KIND of web browser you have.
You should NOT have wasted google's time asking them about obvious scam being obvious, and frankly, it is a waste of time to create a thread about it. Before anybody ever uses the internet, they should already be aware of (and be on the lookout) for this kind of scam. And this was a very UNCONVINCING scam, made by obvious amateurs.
Droid1019 said:
Started getting this while browsing the web on my pixel. I just contacted Google support who said it's not from them. It's just an ad wanting you to download their anti-virus app. Can't wait to root my phone so I can put an ad blocker back on.
Click to expand...
Click to collapse
There are apps that are available without rooting your phone. SEVENAdclear or Adguard will work without rooting your phone.
blanco82 said:
There are apps that are available without rooting your phone. SEVENAdclear or Adguard will work without rooting your phone.
Click to expand...
Click to collapse
Have you used either of these in Chrome on the Pixel?
If you fall for this I have some magic beans for sale
lol, these things have been around for years, dude
mymusicathome said:
If you fall for this I have some magic beans for sale
Click to expand...
Click to collapse
Do they give me magic gas?
I've been using Brave Browser for over a month and love it. Just like Chrome (Chromium based) but no ads. No root needed.
Sent from my Pixel using Tapatalk
Definitely a scam. I've seen it in hijack style redirects
Yea this is nothing new. Completely normal when looking at porn