Related
Hello!
I've found a lot of discussions about data counters, but generaly they all come to some users having good expirience with a particular app and others finding it unreliable.
As my data traffic costs get insanely high after i break the monthly limit, I'm pretty paranoid about my usage, so I myself installed fiew data counting apps and compared results. No two ever showed same figures that could be considered identical for practical purposes.
As I see that's an issue for manny users, I'd like to opet this discussion again here, but from a bit different aproach.
I'd like to know what methods apps use to collect data traffic statistics, what causes them to sometimes do it inaccurately, and is there maybe some superior method that can realy be relied upon?
I use 3G Watchdog and this is very reliable.
It counds UP and DOWN data usage so this could mean data usage appears higher than what your operator charges.
I check my Tesco account and my data usage there is very similar to that of 3G watchdog.
Hi all,
I'm Guy from Onavo, and I wanted to share with you all that after much anticipation Onavo (which was available only for the iPhone till now) has come to Android!
Today we launched Onavo Lite, an app that solves the "Android data leak", as we call it. In the world of capped data plans (not to mention outrageous roaming charges), the problem with the Android ecosystem is apps run constantly in the background, which means they can be using data whether you use the app or not. Users have no control and no way to limit the data that is used. Until now.
Launched today, Onavo Lite puts users in control of their data usage. The app flags 'data hog' apps and allows users to make apps 'WiFi only', effectively stopping the data leakage.
The app helps control data usage and costs through features such as:
- Alerts and warnings: when an app is hogging data in the background, when approaching your cap, or when traveling
- Data hog blocking: can opt to block certain apps over 3G, or 3G data in general once you exceed your data cap to avoid any additional costs
- Tracking: Real-time data plan tracking and early alerts when usage reaches certain limits.
- Advice: Tips on best value data plans based on your actual usage
- Simple set up: Removes all the complexity from mobile data plans
If any of you have any questions, feel free to shoot them my way here in the forum. We would love your feedback on our app.
To download just search for "Onavo" on the Market.
I'm happy to see this app finally reach android, but the version for android doesn't do the main thing it does on the iPhone: compress data.
There are already apps that monitor data usage.. so why is this different?
other apps also have notification and that stuff.
So when will the data compressing feature be available?
Hi Ilya,
Compression for Android is definitely on its way, we are working to bring that to you as well. However we realized that to help users truly tame data plans, we needed to deliver a more holistic solution. Since on Android background data usage is a REAL problem (as opposed to iPhone) so we simply couldn't wait to release this to the public and deliver this great value. (Google for "android iphone data usage" to see a post on our blog, from our chief Android guru, on the conceptual differences between Android's and iPhone's data consumption models).
There are some great meters out there, but nothing provides:
a) Real-time alerts when apps are eating up your data in the background
b) Crowdsourced intelligence that lets you learn from our global community and get advance warnings on apps that may be problematic to your data plan.
c) The ability to block apps from using your mobile data in the background.
Add to that compression, when we release that, and you've got a one-stop-shop for all your data usage needs.
I have a few feature requests:
- specify another currency (as I am in a foreign country, it is definitely the wrong one).
- specify the begin of the monthly plan (I can specify this value for the domestic, but not for the roaming plan)
- specify previously used data - I already used some data prior to the installation
After all, looks promising...
Kind regards,
ww
All good points. Quick questions:
a) the app should suggest your own local currency (that of the SIM). This usually makes sense as if you're on your home operator's SIM you pay in your home currency, if you buy a prepaid SIM locally it would be in that country's price. What's the scenario in your case?
b) Can you describe the kind of roaming plan you're using?
Thanks!
Quick answers:
- austrian SIM (EUR), I am in Switzerland at the moment (roaming). Result: currency shown in CHF.
- my plans both begin on 26th of the month. Domestic plan: 1 GB; roaming plan: 50 MB. In the app I can specify the begin of the domestic plan. But: roaming plan begins today from my point of view.
Kind regards,
ww
Gotcha! Thanks for clarifying - definitely stuff we'd like to take care of.
Keep us posted
@webwude - we just uploaded a new version with some bugfixes, among them we have fixed your point #1 about the currency.
Thank your for the information.
I experiencing a strange issue (maybe related to your app):
since this morning, I get timeouts using the standard internet app, k-9 mail, gmail and so on - only a few apps (mail with exchange, provider app) are still working, all other (which I have used in the meantime) seems to be blocked, even after uninstalling your app. Is there any way to reset things as they were before? If I start apps which I haven't used since yesterday, they can connect... otherwise I can see that there is traffic, but browser or market just get timeouts...
It seems, that there is some sort of lock...
I will investigate this furthermore this evening...
Kin regards,
ww
Hi, i have one question. How do i turn the "Roaming, enjoy your trip" notification off? I'm always roaming (it's complicated) so i'm getting a bit annoyed when that notification sticks itself up there and i can't remove it.
Thanks in advance
There appears to be a huge discrepancy between the usage level reported by 3G Watchdog and Onavo - 304MB and 855MB respectively. What's the cause of the discrepancy, and which app would be more reliable?
@webwude - re some apps not connecting, that shouldn't be Onavo (especially not after you removed it). Did you find out what happened?
@BazookaAce - good point! BTW what kind of SIM are you using?
@Kawdess - we're looking into such discrepancies, will let you know what we find.
Tele 2 Sweden, but I live in Norway and my operator is Tele 2 Norway but Tele 2 Norway is roaming on NetComs towers. Tele 2 Norway doesn't have its own yet.
So since the SIM is swedish it "calls home" (to sweden) before bouncing back to norway and completes the call.
So Tele 2 Norway customers roam 24/7. And no, we do not pay more than normal
Anyone know if Wire Emergency Alerts (CMAS) are made capable in any Infuse ROMs? Or...otherwise how to set this up in an existing ROM? I found this thread in the Galaxy S II Skyrocket forum: http://forum.xda-developers.com/showthread.php?t=1680790.
http://www.fema.gov/help/social_media.shtm
FEMA Text Messages
Use your cell phone’s text messaging capability to receive text message updates from FEMA. FEMA will never charge you for text message alerts, but carrier message and data rates may apply. You should expect to receive periodic updates, the number of which may increase during times of disaster.
FEMA will not use your phone number to track, reverse look up, or for any type of commercial marketing. Your carrier may collect additional data elements, please see their privacy policies for further details.
Here are basic commands to get started:
•To signup to receive monthly preparedness tips: text PREPARE to 43362 (4FEMA)
•To unsubscribe (at any time): text STOP to 43362 (4FEMA)
•To get more information: text INFO to 43362 (4FEMA)
To search for Shelters or Disaster Recovery Centers (DRCs):
•Text SHELTER and a Zip Code to 43362 (4FEMA)
Before you go to a shelter, always check with your local emergency management agency for availability & services.
•Text DRC and a Zip Code to 43362 (4FEMA)
Searching for shelters or Disaster Recovery Centers will not add you to a list. Think of it like doing a search on the Internet.
Tools on FEMA.gov
•RSS/Data Feeds - www.fema.gov/help/rss.shtm
RSS/data feeds automatically provide the public with updated information as soon as it's available.
Thanks TruckerGlenn. The info from fema you cited is useful. I'm really wondering what "new capabilities" the new CMAS-enabled smartphones are utilizing. I assume its software related and therefore can be designed and ported to the Infuse. Alerts will geo-target your phone. For example, one possible alert would work such if the National Weather Service issued a tornado warning for a small warning polygon, your phone would only alert if you were in (or near) that area. I don't even think its gps related, but works via cell towers' knowledge of your connection. I've had an internal NWS warning text notification set up for quite some time wherby i register for various alerts per specific geographic area, but CMAS will work much differently. At&t currently cites only 3 android phones with it.
Infuse w AEON
If you do a fast internet search the FEMA updates will be coming from an installed chip. It will bypass all other fuctions to makensure it comes through
Sent from my Inspire 4G using Tapatalk 2
Please use the Q&A Forum for questions &
Read the Forum Rules Ref Posting
Thanks ✟
Moving to Q&A
There is no chip to govern the CMAS functionality. Here's a good article:
http://www.awareforum.org/2012/02/commercial-mobile-alert-service-cmas-myths-part-1/
74Eldo said:
There is no chip to govern the CMAS functionality. Here's a good article:
http://www.awareforum.org/2012/02/commercial-mobile-alert-service-cmas-myths-part-1/
Click to expand...
Click to collapse
Might want to check again
http://vigilantcitizen.com/latestne...ecial-chip-in-cell-phones-to-send-out-alerts/
zoinks! scoob!
Infuse w AEON
I work for a Cell Broadcast company. The special chip that they are referring to has been in mobile phones for about 16 years. The CB stack is part of the standard communication chipset on older phones (2G on GSM). Newer phones focussed on multimedia and stopped implementing the stack as the market was not using CB. Now CB is being used for Public Warning, the handset manufacturers are reintroducing the old function.
SMS is peer to peer, while Cell broadcast is multicast, within a cell coverage area, without subscriber awareness. It is in the GSM and CDMA standards (3GPP TS 23.041) and all phones and network equipment following the standards completely, would inherently have this function.
The reasons Cell Broadcast is better than ANY other method for reaching the masses are:
Unaffected by network congestion as it is multicast over a priority portion of the signalling channel.
No need to know the numbers or locations of the subscribers; the message is simply broadcast in a defined area and if the phone is tuned in (CB channels enabled), like a terrestrial radio, it will receive the message.
A broadcast can be received by millions of people, possibly everyone in a nation instantly. Something unheard of in all of history.
It cannot be billed or tracked. CB is a one-way communication protocol.
Okay, so, I summed up some 5 articles on this subject - in the hope of starting a discussion about device security. I hope you will find this interesting and meaningful and perhaps you will find out about some of the risks of using Android.
2 months ago Juniper Networks, one of the two biggest network equipment manufactures, published a blog post (1) about an intensive research their mobile threat department had on the Android market place.
In essence they analyzed over 1.7 million apps in Google Play, revealing frightening results and prompting a hard reality check for all of us.
One of the worrying findings is that a significant number of applications contain capabilities that could expose sensitive information to 3rd parties. For example, neither Apple nor Google requires apps to ask permission to access some forms of the device ID, or to send it to outsiders. A Wall Street Journal examination (2) of 101 popular Android (and iPhone) apps found that showed that 56 — that's half — of the apps tested transmitted the phone's unique device ID to other companies without users' awareness or consent. 47 apps — again, almost a half — transmitted the phone's location to other companies.
That means that the apps installed in your phone are 50% likely to clandestinely collect and sell information about you without your knowledge nor your consent. For example when you give permission to an app to see your location, most apps don't disclose if they will pass the location to ad companies.
Moving on to more severe Android vulnerabilities. Many applications perform functions not needed for the apps to work — and they do it under the radar! The lack of transparency about who is collecting information and how it is used is a big problem for us.
Juniper warns, that some apps request permission to clandestinely initiate outgoing calls, send SMS messages and use a device camera. An application that can clandestinely initiate a phone call could be used to silently listen to ambient conversations within hearing distance of a mobile device. I am of course talking about the famous and infamous US Navy PlaceRaider (3).
Thankfully the Navy hasn't released this code but who knows if someone hadn't already jumped on the wagon and started making their own pocket sp?. CIO magazine (4) somewhat reassures us though, that the "highly curated nature of [smartphone] application stores makes it far less likely that such an app would "sneak through" and be available for download."
A summary by The Register (5) of the Juniper Networks audit reads that Juniper discovered that free applications are five times more likely to track user location and a whopping 314 percent more likely to access user address books than paid counterparts. 314%!!!
1 in 40 (2.64%) of free apps request permission to send text messages without notifying users, 5.53 per cent of free apps have permission to access the device camera and 6.4 per cent of free apps have permission to clandestinely initiate background calls. Who knows, someone might just be recording you right now, or submitting your photo to some covert database in Czech Republic — without you even knowing that your personal identity is being compromised.
Google, by the way, is the biggest data recipient — so says The Wall Street Journal. Its AdMob, AdSense, Analytics and DoubleClick units collected data from 40% of the apps they audited. Google's main mobile-ad network is AdMob, which lets advertisers target phone users by location, type of device and "demographic data," including gender or age group.
To quote the The Register on the subjec, the issue of mobile app privacy is not new. However Juniper's research is one of the most comprehensive looks at the state of privacy across the entire Google Android application ecosystem. Don't get me wrong. I love using Google's services and I appreciate the positive effect this company has had over how I live my life. However, with a shady reputation like Google's and with it's troubling attitude towards privacy (Google Maps/Earth, Picasa's nonexistent privacy and the list goes on) I sincerely hope that after reading this you will at least think twice before installing any app.
Links: (please excuse my links I'm a new user and cannot post links)
(1) forums.juniper net/t5/Security-Mobility-Now/Exposing-Your-Personal-Information-There-s-An-App-for-That/ba-p/166058
(2) online.wsj com/article/SB10001424052748704694004576020083703574602.html
(3) technologyreview com/view/509116/best-of-2012-placeraider-the-military-smartphone-malware-designed-to-steal-your-life/
(4) cio com/article/718580/PlaceRaider_Shows_Why_Android_Phones_Are_a_Major_Security_Risk?page=2&taxonomyId=3067
(5) theregister co.uk/2012/11/01/android_app_privacy_audit/
____________________________________________________________________________________________
Now I am proposing a discussion. Starting with - do we have the possibility to monitor device activity on the phone? By monitoring device activity, such as outgoing SMSs and phone calls in the background, the camera functions and so on we can tell if our phone is being abused under the radar and against our consent. What do you think?
.
I am finding it sad and troubling but even more so ironic that nobody here cares about this stuff.
Pdroid allows you to tailor your apps and what permissions your device actually allows on a per app basis. Requires some setup, and the GUI is nothing fancy.. but for those worried about permissions, it is quite ideal.
Edit : http://forum.xda-developers.com/showthread.php?t=1357056
Great project, be sure to thank the dev
Sent from my ADR6425LVW using Tapatalk 2
DontPushButtons said:
Pdroid allows you to tailor your apps and what permissions your device actually allows on a per app basis
Click to expand...
Click to collapse
Sounds good for a start, I'll look it up
pilau said:
Sounds good for a start, I'll look it up
Click to expand...
Click to collapse
Okay, so I looked it up, and Pdroid does look like a fantastic solution to control what apps have access to what information on your droid.
However, it doesn't cover monitoring hardware functions such as texts being sent, calls being placed etc. as described in the OP. Besides, it only works in Gingerbread as far as I could gather.
EDIT: looking at PDroid 2.0, it does exactly what I originally asked
pilau said:
Okay, so I looked it up, and Pdroid does look like a fantastic solution a control what apps have access to what information on you droid.
However, it doesn't cover monitoring hardware functions such as texts being sent, calls being placed etc. as described in the OP. Besides, it only works in Gingerbread as far as I could gather.
Click to expand...
Click to collapse
I actually first found out about it on an ics rom, so it's definitely not just gb. As for monitoring, no clue. Any sort of extra process logging would likely bog down resources or space eventually.
Sent from my ADR6425LVW using Tapatalk 2
DontPushButtons said:
Any sort of extra process logging would likely bog down resources or space eventually.
Click to expand...
Click to collapse
I definitely wouldn't know. This solution looks very complicated in first impression but on the Google play page it says 100% no performance effects.
Anyway, I looked up PDroid 2.0 here on XDA, which is the rightful successor of the original app. It does everything the original app does and also monitors many device activities! Here is the full list of features. I would add a working link but I'm still a n00b and I am restricted from doing so. Sigh....
forum.xda-developers com/showthread.php?t=1923576
PDroid 2.0 allows blocking access for any installed application to the following data separately:
Device ID (IMEI/MEID/ESN)
Subscriber ID (IMSI)
SIM serial (ICCID)
Phone and mailbox number
Incoming call number
Outgoing call number
GPS location
Network location
List of accounts (including your google e-mail address)
Account auth tokens
Contacts
Call logs
Calendar
SMS
MMS
Browser bookmarks and history
System logs
SIM info (operator, country)
Network info (operator, country)
IP Tables(until now only for Java process)
Android ID
Call Phone
Send SMS
Send MMS
Record Audio
Access Camera
Force online state (fake online state to permanent online)
Wifi Info
ICC Access (integrated circuit-card access, for reading/writing sms on ICC)
Switch network state (e.g. mobile network)
Switch Wifi State
Start on Boot (prevents that application gets the INTENT_BOOT_COMPLETE Broadcast)
I've always had the luxury of someone else integrating it into the Rom, then I just had to set it up through the app. It is time-consuming, but not very difficult at all. I say give it a shot and see if that's what you had in mind. Maybe the logging is less detrimental than I had previously thought.
I'm sure you could get your post count up by asking for some tips in that thread. Every forum on xda has at least one person that's EXCESSIVELY helpful, frequently more. So have a ball
Sent from my ADR6425LVW using Tapatalk 2
Pronounced "say candy", the goal of SecAndy is to come up with as secure and private of an OS as possible. So as not to reinvent the wheel, we'll base this initiative on our open source code of choice (Android or maybe other developers' choice).
I am not a developer myself but I can without a doubt, because of former professional experiences, organize a project and gather the right people together as a community in order to make sure that project sees the light of day after it has acquired a life of its own if needed, which I think we will agree is something that this kind of project requires because of the scrutiny it will quickly attract.
I am officially calling upon this post all interested developers that could help us fork Android or other open source OS.
Let's get a kickstarter funded and let the party begin. I will update you later today on the advancement of such.
This thread welcomes constructive ideas and developer participation, but here are beginning requirements we'll need to fulfill eventually to privatize and secure android :
- default browser allowing custom search engines such as https://ixquick.com or duckduckgo
- default system search pointing to those custom engines for online component
- control of gps at firmware level to allow full disability
- peer to peer file exchange (think BitTorrent sync) with 1024 to 2048 bit encryption
- implementation of secure sms and mms exchange (think textsecure)
- implementation of encrypted voice channels (think redphone or SIP with end-to-end encryption)
- root vpn for all online access
- systemwide warning of insecure solutions (example : wanting to use gmail or regular email)
- PGP transparent email solution
- Tor option for root vpn (subject to mitm attacks but more on that later)
- peerguardian type auto-updated database to identify suspicious IP address ranges
- systematic in-out firewall control auto updated with peerguardian database and community based rules database
- hardened malware protection and app permissions with automatic permission audit based on application type
- full device encryption and lockup (in case of unauthorized user)
- full remote wipe out and bricking with auto IMEI reporting (in case of theft, might have to be amended because of attack vector)
- full remote location capability with real time tracking (that one might have to be scratched, high security risk because of attack vector)
This obviously doesn't cover all the bases but would be a good start... I know a lot of these options can be implemented with a mismatch of apps and custom Roms but having it all at an OS level AOKP style would greatly help in building an android by the people for the people community that could eventually loosen the stranglehold of less than transparent corporations.
60 views in 24 hours and not one comment. Obviously I'm approaching this the wrong way. More news at 11.
e-motion said:
60 views in 24 hours and not one comment. Obviously I'm approaching this the wrong way. More news at 11.
Click to expand...
Click to collapse
I don't want to be insulting, but no programming work has been done on your part, and you're just asking for people to dive in this project to get managed by someone they never heard of. It's not really surprising no one has commented yet.
I understand what you're saying but any comment, even if only just to show interest in such a project, will be key to drive developers to it.
I might not have started any development but I have clear understanding of how to design secure solutions. I can't go into details of why that is, however you can clearly see with my 2nd post that some research has been done. If I wanted a solution for me alone, I could just go on with my own little pudding of custom ROM and security apps.
However, because of the recent news events that SHOULD have awaken this population, I thought now might finally be the right time to try to get such a project off the ground. But without anyone even showing any interest, why would any developer be drawn to it ? If people would rather focus more on content consumerism than on what might happen under an umbrella of spooks that they're paying for with their taxes, then they have learned nothing from history and deserve what's coming to them, simple as that.
This is NOT a development thread in case you haven't noticed, so telling me I haven't developed anything yet is not even relevant.
In case anyone cares, this will be moved shortly in the t-mobile Note 2 Android development thread as a Touchwiz proof of concept ROM. Little steps, little steps...
Sent from my SGH-T889 using Tapatalk 2
mobile sec
While I am not a developer I would be interested in this project. I've been thinking about this a bit lately given recent events. I think a useful privacy preserving security related app and phone combo might have these features:
-some way to separate the baseband processor (radio) from the OS. It seems most phones share memory with the radio and this fact can and has been exploited. Own the bb processor and you own the phone. Perhaps a 3g dongle plugged into an android phone in host mode would work. Some of these usb "data only" radios can be unlocked for voice too. I believe a rooted phone with IP tables/firewall running would be much more secure than a conventional mobile phone.
-an anonymising network for connecting to servers/peers. I think the i2p network is well suited for this purpose. Rather than connect to services that are not designed with your anonymity/privacy in mind, connect to hidden/darknet servers that make it extremely difficult to ascertain your real IP and location. Perhaps an i2p router running on your home computer relaying i2p traffic while also maintaining a long lived encrypted connection to your mobile in order to "push" data to it. In this way the user benefits from the anonymising network, contributes to the network, but doesn't have the battery drain of relaying packets from the phone (if this is even possible).
-end-to-end encryption. Perhaps OTR messaging for texting and perhaps openPGP for transferring binary files as I don't believe file transfer in OTR is available at this time.
-an app that uses the above network that is capable of sending/receiving encrypted text, audio, video, gps location etc and does not leak any personal information that you don't want leaked. XMPP might be a good choice (with perhaps out-of-band binary transfers for efficiency). Giving your unique identifier to another person that is using the same app would allow you to communicate with them while not revealing your phone number, imei, imsi, etc. There would be some latency in the communication especially with binary transfers but I would gladly accept that for the added security.
anyway, just wanted to add this to the conversation and hope to see this project take shape as we definitely need more security enabled os's and apps.