I just bought a Samsung Galaxy Player with the intentions of using it as a wifi phone as a replacement for my cell phone.
The main reason for this is I don't like all the tracking going on with cell phones. Cell phone tower tracking, Carrier IQ tracking, etc., etc. I'm not doing anything illegal and I'm not a conspiracy nut, it's just the principle of it. I'm an American - I'm suppose to have freedoms and be able to have my privacy if I so choose.
I had planned on using either Skype with an online phone number or Google Voice to get voice on my Player. The problem with this is Google is going to track every wifi hotspot I log in from so I'm kind of back at square one - EVERYONE wants to spy on you these days. Not to mention all the criminals trying to get personal info at public hot spots.
So I thought about a VPN. That would stop Google/Skype from tracking the wifi hotspot I log in from. But, how does one find a VPN service that you know without a doubt is trustworthy??? I've even thought about getting my own VPS and installing OpenVPN myself (found a good service for that if anyone is interested). But from a true anonymity standpoint it would be better to use a VPN service who has many other customers all using a shared IP. Plus I'll use the same VPN service for my desktop and it would be nice to log into some websites from another countries sometimes.
I've also looked into setting up my own Asterisk server but haven't had time to get too in-depth with that yet.
Any thoughts or ideas would be greatly appreciated.
That's a bit much. I think skype is safe, though.
Sent from my SGH-T959 using Tapatalk
.
Thread moved to Q&A due to it being a question. Would advise you to read forum rules and post in correct section.
My app was recently banned from Play and you were asking to put it here, so here it is.
I would be really glad if somebody could give me some hints how to get the app back on Play. I read the reason for removal and I think somebody at Google did not understand what the app is doing. There are apps doing the same for router passwords and there is also complete BackTrack distro living for 2 years on Play so I really do not understand why my app was removed!! It is not using any packet injection or other exploits, it only does the same the user can do - try passwords one by one (of course using app is more convenient). We can discuss it in this thread, I would be happy to hear your opinions. Please note that I was learning on this app so it is far from perfect The paid version is better and still living on Play, but I am counting hours to its removal. Well, this really sucks as it cost me lot of work
Thank you for support!
DESCRIPTION
WIBR is application for testing of security of the WPA/WPA2 PSK WiFi networks. This application is NOT FAKE, it really works and it is possible to access the WiFi network if it uses weak password. Read whole description before using.
Dictionary test - it tries passwords from predefined list one by one. Please don't be disappointed if the password will not be found, it simply means that it was not in the dictionary. However, if somebody set his key to "12345678" or "password" it will be detected.
It's easy as 1-2-3.
1) List available networks and select desired network. WIBR is tested on WPA/WPA2 networks with pre-shared key (PSK). Please note, that the testing will be unreliable if the signal is weak! WARNING: HACKING SOMEBODY ELSE'S WIFI IS ILLEGAL! USE THIS APP ONLY ON YOUR OWN NETWORKS!
2) Select desired dictionaries . There are three predefined wordlist which you can use. They contains a list of most commonly used passwords. Please note, that for WPA passwords the minimum length is 8 characters and shorter passwords will be skipped.
3) Wait for results. The process is very slow due to nature of the WiFi connection handling in Android, so be prepared that it can take a loooooooong time. 8 passwords/minute is considered good speed. The wifi have to be enabled all the time, so WIBR is also battery eater!
NOTES
WIBR will change password for the selected network. It is impossible to get this password back. If you are testing previously saved network then the password will be lost.
WIBR will not work on other encryptions than WPA/WPA2.
if it doesn't work:
- you are trying to test network with weak or unstable signal or in very "noisy" environment (i.e. many networks on same channel)
- you are trying to access network which is using so called MAC filtering, so only explicitly allowed devices could access the network
The solution is to try WIBR on another network with good signal.
Perhaps you picked the wrong keyword... Bruteforce+hack sounds very illegal
Sent from my GT-N7100 using Tapatalk 4 Beta
Sorry but it's not welcome here either. I've removed the link to stop you getting into any trouble over it.
Thread closed.
Greetings all and Happy Holidays.
Per some fellow XDA users request and also to compliment the great thread "[TUTO] How To Secure Your Phone," by: unclefab, I figured this would help...a thread on VPN.
I am also shocked to not see anything in the security forum about VPN! I did a search and NOTHING.
What is a VPN?
(Virtual Private Network)
A simple search on the web will give you the nitty gritty stuff on what a VPN is, but I'll just lay it out very simply.
A VPN takes your data connection and encrypts it so it protects your data from not only your ISP seeing your traffic, but also from middle man attacks. Say if you were at a cafe connected to their open (unsecured) public WiFi and you did some shopping online, which involved you entering in your credit card number, name, address, etc... Well, it doesn't take much for someone to intercept your sensitive data passing through the cafe's unsecured WiFi connection.
How it works:
Encrypts your Computer's/Phone's data ---> Connects it to your VPN's server (Exit Server) ---> Then it reaches the end destination (website). (Safe Passage)
ie...
Safely passes your Internet Data, through a ---> [TUNNEL] ---> ...that is encrypted so that all your data is not only anonymous, but also protected.
There are may VPN's service providers out there, however, they are not all created equal. I've spent a lot of time researching VPN's and have went to great lengths to find the best of the best. The criteria of what I was looking for is as follows:
Offshore Company. Something outside of the US.
Liked and approved by even the extreme private/security activists.
Reliability and Speed! Some VPN's can be very slow only allowing you to achieve 30-50% of your internet speed at best.
A wide choice of servers.
Able to pay anonymously.
A VPN THAT WORKS ON OUR ANDROID DEVICES!
Some VPN companies have their own Android VPN client, which makes things a breeze. Just launch, connect and violla....all your traffic is now safely tunneled.
For the companies that do not have their own Android VPN client, you'll have to use the app: OpenVPN, which can be a hit or a miss for those on KK 4.4. Let me explain...
When I was on my Note 3 on 4.3, OpenVPN worked flawlessly and my speeds were darn near 100% of my regular LTE speeds even connected to a VPN! Well, once KK 4.4 came around, it completely ruined everything in terms of being able to stay connected. KK 4.4 is and was a nightmare for OpenVPN users. Upgrading from 4.3 to 4.4 was the biggest mistake I have ever made in my Android world. Bottom line, KK 4.4 sucks.
The good news is, there are a few VPN companies that work flawlessly on KK 4.4. I'm using one at the moment and it stays connected just fine with awesome speeds!
Why you should use a VPN:
Well think about. You can go the whole nine yards in securing your phone, which is awesome, but then you'd still be tunneling all that traffic "unencrypted," over the internet .... this is counter-intuitive in every way that you look at it. It's like ordering a BIG MAC Extra value meal and getting a diet coke. I mean really? What's the point? Diet? No matter how you see it, you're going to get fat if you keep eating it and thinking a diet coke is going to take edge off of you getting fat. Sorry, it doesn't work that way....
Imagine a semi-trucks driving down the highway with some completely exposed and some locked and covered. Well you'll obviously be able to see the exposed cargo on all the trucks that are not contained yes? Whereas the ones that are covered and locked, you'd have no clue what's in there. This is how a VPN works....it covers your data/traffic so that no one can see or know what is inside of that container during transit...ie...it provides a safe passage of your data over the internet to the end destination.
Now a VPN will protect your data from point A to the end destination (website.) That website will only be able to see your "exit server," and not your ISP or your location, but of course your data.
Ex: You're in New York connected to the internet using a VPN ----> The VPN server you're connected to is in Texas ---> The website you're visiting is located and hosted in Canada.
In that example, your "encrypted" data/traffic is being routed through Texas and then to Canada where the website is hosted/located. Make sense?
Because you're connecting to a VPN server, this is why you have to know which ones to use so that you can trust your data routing through their servers. Not all VPN companies are created equal!
If you're interested to know which VPN's are best in general and for our Android devices, PM me and I'll share with you my research. I don't want to advertise anything on here to be in compliance with the forum rules.
I hope this helps!
To be continued....
You forgot to tell the data is not encrypted by the VPN between it's server and the website's server, you are only moving a problem from place A to place B. It may be better for you if this is what you are looking for but it doesn't add that much security.
How a VPN works : Your device data is encrypted FIRST, it leaves your device and goes to the VPN's server, it is DECRYPTED, and then it is relayed to the server you were trying to contact. Your data is less traceable but you're not anonymous, the VPN provider knows who you are and your DNS provider may still know what you are looking at if you the device leak DNS requests.
Your guide is missing details, anonymity and security is not easy and trying to simplify it too much you lost important parts users should not forget.
Regards
Magissia said:
You forgot to tell the data is not encrypted by the VPN between it's server and the website's server, you are only moving a problem from place A to place B. It may be better for you if this is what you are looking for but it doesn't add that much security.
How a VPN works : Your device data is encrypted FIRST, it leaves your device and goes to the VPN's server, it is DECRYPTED, and then it is relayed to the server you were trying to contact. Your data is less traceable but you're not anonymous, the VPN provider knows who you are and your DNS provider may still know what you are looking at if you the device leak DNS requests.
Your guide is missing details, anonymity and security is not easy and trying to simplify it too much you lost important parts users should not forget.
Regards
Click to expand...
Click to collapse
Misleading? I think you need to re-read the post. Here let me help you:
"A VPN takes your data connection and encrypts it so it protects your data from not only your ISP seeing your traffic, but also from middle man attacks. Say if you were at a cafe connected to their open (unsecured) public WiFi and you did some shopping online, which involved you entering in your credit card number, name, address, etc... Well, it doesn't take much for someone to intercept your sensitive data passing through the cafe's unsecured WiFi connection."
"Now a VPN will protect your data from point A to the end destination (website.) That website will only be able to see your "exit server," and not your ISP or your location, but of course your data."
"Ex: You're in New York connected to the internet using a VPN ----> The VPN server you're connected to is in Texas ---> The website you're visiting is located and hosted in Canada."
So you're going to argue the fact that a VPN wouldn't be affective in a cafe scenario like the example I've given in the post?
Any additional information is appreciated, but please don't come in here saying that it's misleading....
THE FACT IS...YOU'RE BETTER OFF WITH A VPN, than WITHOUT ONE. PERIOD.
It's about trust, the VPN server can do the middle man attack itself or one could do it somewhere between the VPN's server and the final destination.
Of course you're better with a VPN most of the time, but it's important to clearly state it's not captain america's shield neither. It's important to clearly tell at all cost that the data is encrypted only between you and the VPN's server.
Best regards.
The only way to ensure you are safe from MITM is to use end to end encryption, like SSL/TLS (https). Even if the MITM is using sslstrip, you'll be able to tell by the security popup in your browser when it asks you to trust the connection (which you shouldn't...)
VPN is useful for protecting you from someone sniffing the airwaves on an open network or for accessing services behind a firewalled network. (Like SMB/Windows File Sharing).
Like Magissa said, it isn't captain America's shield, and don't be fooled by a false sense of security. You have to trust the VPN provider, and it would be pretty easy for one to sniff your traffic or read logs...
iunlock said:
Greetings all and Happy Holidays.
Per some fellow XDA users request and also to compliment the great thread "[TUTO] How To Secure Your Phone," by: unclefab, I figured this would help...a thread on VPN.
I am also shocked to not see anything in the security forum about VPN! I did a search and NOTHING.
What is a VPN?
(Virtual Private Network)
A simple search on the web will give you the nitty gritty stuff on what a VPN is, but I'll just lay it out very simply.
A VPN takes your data connection and encrypts it so it protects your data from not only your ISP seeing your traffic, but also from middle man attacks. Say if you were at a cafe connected to their open (unsecured) public WiFi and you did some shopping online, which involved you entering in your credit card number, name, address, etc... Well, it doesn't take much for someone to intercept your sensitive data passing through the cafe's unsecured WiFi connection.
How it works:
Encrypts your Computer's/Phone's data ---> Connects it to your VPN's server (Exit Server) ---> Then it reaches the end destination (website). (Safe Passage)
ie...
Safely passes your Internet Data, through a ---> [TUNNEL] ---> ...that is encrypted so that all your data is not only anonymous, but also protected.
There are may VPN's service providers out there, however, they are not all created equal. I've spent a lot of time researching VPN's and have went to great lengths to find the best of the best. The criteria of what I was looking for is as follows:
Offshore Company. Something outside of the US.
Liked and approved by even the extreme private/security activists.
Reliability and Speed! Some VPN's can be very slow only allowing you to achieve 30-50% of your internet speed at best.
A wide choice of servers.
Able to pay anonymously.
A VPN THAT WORKS ON OUR ANDROID DEVICES!
Some VPN companies have their own Android VPN client, which makes things a breeze. Just launch, connect and violla....all your traffic is now safely tunneled.
For the companies that do not have their own Android VPN client, you'll have to use the app: OpenVPN, which can be a hit or a miss for those on KK 4.4. Let me explain...
When I was on my Note 3 on 4.3, OpenVPN worked flawlessly and my speeds were darn near 100% of my regular LTE speeds even connected to a VPN! Well, once KK 4.4 came around, it completely ruined everything in terms of being able to stay connected. KK 4.4 is and was a nightmare for OpenVPN users. Upgrading from 4.3 to 4.4 was the biggest mistake I have ever made in my Android world. Bottom line, KK 4.4 sucks.
The good news is, there are a few VPN companies that work flawlessly on KK 4.4. I'm using one at the moment and it stays connected just fine with awesome speeds!
Why you should use a VPN:
Well think about. You can go the whole nine yards in securing your phone, which is awesome, but then you'd still be tunneling all that traffic "unencrypted," over the internet .... this is counter-intuitive in every way that you look at it. It's like ordering a BIG MAC Extra value meal and getting a diet coke. I mean really? What's the point? Diet? No matter how you see it, you're going to get fat if you keep eating it and thinking a diet coke is going to take edge off of you getting fat. Sorry, it doesn't work that way....
Imagine a semi-trucks driving down the highway with some completely exposed and some locked and covered. Well you'll obviously be able to see the exposed cargo on all the trucks that are not contained yes? Whereas the ones that are covered and locked, you'd have no clue what's in there. This is how a VPN works....it covers your data/traffic so that no one can see or know what is inside of that container during transit...ie...it provides a safe passage of your data over the internet to the end destination.
Now a VPN will protect your data from point A to the end destination (website.) That website will only be able to see your "exit server," and not your ISP or your location, but of course your data.
Ex: You're in New York connected to the internet using a VPN ----> The VPN server you're connected to is in Texas ---> The website you're visiting is located and hosted in Canada.
In that example, your "encrypted" data/traffic is being routed through Texas and then to Canada where the website is hosted/located. Make sense?
Because you're connecting to a VPN server, this is why you have to know which ones to use so that you can trust your data routing through their servers. Not all VPN companies are created equal!
If you're interested to know which VPN's are best in general and for our Android devices, PM me and I'll share with you my research. I don't want to advertise anything on here to be in compliance with the forum rules.
I hope this helps!
To be continued....
Click to expand...
Click to collapse
which is the best VPN to use?
I've installed OpenVPN for Android and it works fine.
[VPN (Virtual Private Network) and why you should use it if you're serious ab...
TheMoroccan said:
which is the best VPN to use?
Click to expand...
Click to collapse
There's no concrete answer to that question. Your best bet is to use a VPN provider that's based outside of your country, preferably one that is less likely to corporate with your local law enforcement.
Agreed. Out of country, away from your government's reach... There are some offshore server farms in countries with lax laws... Those are usually tax havens also. Research
snapper.fishes said:
There's no concrete answer to that question. Your best bet is to use a VPN provider that's based outside of your country, preferably one with a less likely to corporate with your local law enforcement.
Click to expand...
Click to collapse
Thanks bro for the info.
G'day all.
Currently I'm using Tor and Orbot on my rooted Galaxy S5. I have a basic idea as to how they work, but I am currently attempting to maintain anonymity on my device and am looking to better understand how this all works as I'm new to having my phone rooted and hoping to delve into development at some point.
With that being said, can someone give me a small detailed rundown as to how they work and what is Transparent proxying? Should I run my apps traffic through Orbot?
Thanks in advance!
I also have a galaxy s5 and I have tried transparent proxying, and it didn't work. I also wouldn't trust orbot with my an anonymity.
I could be very wrong but as I understand it tor is using all the clients at it's disposal to provide internet access to everyone .
Ie while you are using tor to surf racoon prom dresses with 50+ client computers around the world they are using your internet to surf Dragon porn with your (and 50+ other people's) internet.
You are basically anonymous in what you are surfing because if you claim you are running tor you are in fact serving internet to others who you don't know. So you can't be held accountable for something you did not see.(just like your internet provider is not responsible for piracy, porn or anything they provide)
But
Tor was crippled by the fbi when the fbi took the servers in Ireland
arstechnica.com/tech-policy/2013/09/fbi-admits-what-we-all-suspected-it-compromised-freedom-hostings-tor-servers/
And what they did once they will do again and again at will.
The government's of the world are actively taking measures to track everyone.And I'm sure are leading many anonymity projects.
There have been many implications of the fbi and other government agency's paying programmers to install backdoors in open software.
Fact is there is not enough money to audit the work of programmers that work on security for the internet.
(You basically have to pay two or three programmers to check the work of the first and hope they have not been payedoff, blackmailed etc)
There is little safety on the internet.
But tor is a step in the right direction, however it is brutally slow by it's nature. And it has been shown that it can be hacked
Private proxy servers, crowd funded public proxy servers, tor and encryption all used together only help.
Peer to peer networks of trusted individuals (like retro share,tor and similar) or other initiatives are the future of internet security.
But only if you can control and trust the ones you share with.
And even that will be pointless when your devices advertises your mac,isn,imei, and hundreds of other serial ids for you and your hardware.and the company's you buy your hardware from keeps records of that info into the foreseeable future.
Someone should write a faq on digital security and all the methods used to track hardware. And the ways to avoid it
(Ie use free Wi-Fi on a device with a spoofed mac(from a used device bought with cash at a garage sale) while blocking unwanted connections from system applications, using encryption and proxys)
It's like being safe from the cold.
Layer your protection in many ways.
But if it gets cold enough you will feel the chill
AmericanxDownxUnder said:
G'day all.
Currently I'm using Tor and Orbot on my rooted Galaxy S5. I have a basic idea as to how they work, but I am currently attempting to maintain anonymity on my device and am looking to better understand how this all works as I'm new to having my phone rooted and hoping to delve into development at some point.
With that being said, can someone give me a small detailed rundown as to how they work and what is Transparent proxying? Should I run my apps traffic through Orbot?
Thanks in advance!
Click to expand...
Click to collapse
Do you know if Verizon GS5 can be rooted?
I have always known that companies like google and facebook for example collect our data, web searches etc and sell this information for profit. Today, this has become an even bigger issue with what we see in the media with the nsa and other government organizations tapping into our devices and monitoring our usage. At the end of the day, most of us, myself included really dont have anything to hide, so it may not be a real issue. I have often thought that if anyone poked around in my pc or phone they would simply get bored as they are just full of geeky engineering files lol. The real thing for me is simply that it's an invasion of privacy and just not right. With that said, I find myself wanting to go the extra mile to make my pc and my phone completely private from outside sources taking my information, watching my web searches and seeing my data. My question is, is it possible to be 100% secure and private, and if not, how close can we get, and how? I have heard that VPN's can achieve this. Is this true? and if so are there any free secure VPN's for our android devices and or pc's that are really good? Do VPN's slow down our devices? Also, Is there a way when we delete android files to permanently delete them? I noticed when I flashed my rom, after doing the complete wipe that is still contains files from before the wipe.
(I know this isn't a pc forum, I only included the pc because it's relevant.)
Thank you all in advance.
There are no data retention laws in the United States. Meaning, if a data center does not want to hold any logs to their users' activity, they're not required by law to do so. Multiple countries are similar, which is why I recommend using Private Internet Access for your VPN. They have a client for PC and Android and they're really great. I've been using them for many years and have had no issues. And, if you're really wanting to remain "anonymous", you can pay for your VPN subscription using gift cards from popular outlets like Walmart, Starbucks, etc. And for search engines, I'd recommend DuckDuckGo, which doesn't log anything you search. For PC, I'd recommend disabling your IPv6 protocol in your router settings and getting uBlock Origin, HTTPS Everywhere, and PrivacyBadger. They're wonderful add-ons for Firefox or Chrome. uBlock Origin and PrivacyBadger can block WebRTC leaks which would leak your IP address and can be used to identify you. If you want more information, feel free to reply to my post and I'll help you out as much as I can.
Hoxic said:
There are no data retention laws in the United States. Meaning, if a data center does not want to hold any logs to their users' activity, they're not required by law to do so. Multiple countries are similar, which is why I recommend using Private Internet Access for your VPN. They have a client for PC and Android and they're really great. I've been using them for many years and have had no issues. And, if you're really wanting to remain "anonymous", you can pay for your VPN subscription using gift cards from popular outlets like Walmart, Starbucks, etc. And for search engines, I'd recommend DuckDuckGo, which doesn't log anything you search. For PC, I'd recommend disabling your IPv6 protocol in your router settings and getting uBlock Origin, HTTPS Everywhere, and PrivacyBadger. They're wonderful add-ons for Firefox or Chrome. uBlock Origin and PrivacyBadger can block WebRTC leaks which would leak your IP address and can be used to identify you. If you want more information, feel free to reply to my post and I'll help you out as much as I can.
Click to expand...
Click to collapse
Hoxic,
Thank you for all of the information. With the private internet access VPN on my PC and android, will that slow down anything like web surfing, uploads or downloads? I am limited to using Verizon's high speed DSL connection as they refer to it, (I refer to it as slowest speed connection lol) in my neighborhood and this is the only provider for me so it's already pretty slow compared to Fios and other broadband connections. I would hate to slow it down any more.
You mention to pay for these services using gift cards and such. Well as I mentioned, I do not have anything that I am actually worried about anyone seeing, this is simply my way of trying to protect my privacy so I wouldn't go that far but I am curious about that statement. Do you mean that using a VPN truly isn't private or is this just to remove any paper trail linking me to the use of a VPN provider? I have been using DuckDuckGo for several years already just to stop google from taking and selling my info. Weather it truly works or not I dont know but its a great search engine anyway so I figured why not use it.
Your advice to disabling IPv6 protocol in my router settings: I do not see anywhere in my router settings to do this so I googled it, and it looks like there's a way o do this in windows. Is that different that what you're advising? Also I read a windows blog on this and windows 10 says IPv6 is a mandatory part of Windows that they do not advise on disabling. Can you give me some more detail on this, and how to disable it, assuming the windows warning is bull.
Thanks for all of your help.