Hi, I'm a Samsung galaxy note 3 user, android version 4.4.2, I have it rooted, and xposed installed. I never installed xposed before but I installed it a couple of days ago and now I'm seeing that I can do a lot of things with it, and because of this I started wondering something.
Well, I have an app called Abematv which is a free japanese tv app that I can't use unless I connect through a japanese vpn. I do this by using an app called "japan vpn" and "openvpn connect for android". The problem with this is that sometimes is too slow and the video quality is very low. So I was wondering how could I make this app think I'm using a japanese vpn when I'm really connected to my home wifi without any vpn.
I don't know if this can be done but it sounds like it's the kind of thing that you do through a xposed module. If there's a module that can do this, I don't know how to search for it. So if anyone knows how to do this via xposed or via whatever it makes it possible, please leave a comment
Thanks
azigta said:
Hi, I'm a Samsung galaxy note 3 user, android version 4.4.2, I have it rooted, and xposed installed. I never installed xposed before but I installed it a couple of days ago and now I'm seeing that I can do a lot of things with it, and because of this I started wondering something.
Well, I have an app called Abematv which is a free japanese tv app that I can't use unless I connect through a japanese vpn. I do this by using an app called "japan vpn" and "openvpn connect for android". The problem with this is that sometimes is too slow and the video quality is very low. So I was wondering how could I make this app think I'm using a japanese vpn when I'm really connected to my home wifi without any vpn.
I don't know if this can be done but it sounds like it's the kind of thing that you do through a xposed module. If there's a module that can do this, I don't know how to search for it. So if anyone knows how to do this via xposed or via whatever it makes it possible, please leave a comment
Thanks
Click to expand...
Click to collapse
Ok well first things first. Don't mention lucky patcher here. It is banned as a Warez app and app developers will add code to that purposely causes issues if it is detected.
Depending in how it is getting your location you could make the device think it is in Japan. Something like mocking the Gps.
zelendel said:
Ok well first things first. Don't mention lucky patcher here. It is banned as a Warez app and app developers will add code to that purposely causes issues if it is detected.
Depending in how it is getting your location you could make the device think it is in Japan. Something like mocking the Gps.
Click to expand...
Click to collapse
Hi, I eddited the message so the words don't appear. (would be good if you edit your message so the words don't appear there too, I don't want troubles xD) Thanks.
About the gps thing, I think it doesn't use the gps since I have it disabled and the app doesn't have the permission to get the location, so I think it gets the location based on the ip.
Not all VPN services are the same. Your current VPN service may be slow because it has you connecting through Japan. Nice VPN services allow you to connect to a VPN server in your country while they route your country VPN server to the final destination VPN server. This allows you to sometimes benefit with improved connection speeds. You can do free trials with most VPN services and I recommend maybe moving to another.
Example: Normal VPN> your-device->VPN server in japan->your-device
(upload/download limits determined by home network and ISP max connections)
Higher end VPN> your-device->local VPN->VPN server in japan->local VPN->your-device
(upload/download limit between VPNs determined by VPN servers which maximize limits before passing the information to your local device)
Other info relevant to the topic:
There are many options available to a developer to verify your location in today's internet.
Even your browser for your device has a unique "fingerprint" and if your gps or IP location changes they can still verify it's coming from the same device.
There are ways around browser fingerprinting.
With most programs, there is an order or hierarchy of testing your location. Spoofing your GPS may overrule an IP check. To overcome issues it's important to try and test and try even when met with failures. It's important to not be dismissive of possible solutions when troubleshooting an issue or searching for a work-around.
TehZig said:
Not all VPN services are the same. Your current VPN service may be slow because it has you connecting through Japan. Nice VPN services allow you to connect to a VPN server in your country while they route your country VPN server to the final destination VPN server. This allows you to sometimes benefit with improved connection speeds. You can do free trials with most VPN services and I recommend maybe moving to another.
Example: Normal VPN> your-device->VPN server in japan->your-device
(upload/download limits determined by home network and ISP max connections)
Higher end VPN> your-device->local VPN->VPN server in japan->local VPN->your-device
(upload/download limit between VPNs determined by VPN servers which maximize limits before passing the information to your local device)
Other info relevant to the topic:
There are many options available to a developer to verify your location in today's internet.
Even your browser for your device has a unique "fingerprint" and if your gps or IP location changes they can still verify it's coming from the same device.
There are ways around browser fingerprinting.
With most programs, there is an order or hierarchy of testing your location. Spoofing your GPS may overrule an IP check. To overcome issues it's important to try and test and try even when met with failures. It's important to not be dismissive of possible solutions when troubleshooting an issue or searching for a work-around.
Click to expand...
Click to collapse
ok thanks, I will try to spoof the gps and will comment how it worked .
Related
Hey folks,
I recently installed NoRoot Firewall and found it really interesting to dis/allow network traffic without root. The app uses a local VPN to tunnel traffic and selective adjust the access. It needs permission for startup and networkaccess, the dev says it only needs this for rooting issues (see in-app explanation). The funny thing is, the app runs perfectly even without the INTERNET permission.
Unfortunately, the app isn't open source, the dev is a ghost and it hasn't been audited for security flaws. Although on a German blog, a security specialist has partly audited it for 30 minutes using Wireshark and network analysis. This resulted in no unusual traffic and no manipulations (instead of Mobiwol firewall).
My concern is: Is the app able to manipulate the traffic, that's rooted through itself, to point it or copy it to another destination? I ask, because it even works without internet and wasn't manipulating traffic in the test I read. And if really sensitive data is routed through the app and it's possible to ship this data cloned to another place, it's really disturbing.
I hope someone is able to clarify the technical background.
Greetz
traceless said:
Hey folks,
I recently installed NoRoot Firewall and found it really interesting to dis/allow network traffic without root. The app uses a local VPN to tunnel traffic and selective adjust the access. It needs permission for startup and networkaccess, the dev says it only needs this for rooting issues (see in-app explanation). The funny thing is, the app runs perfectly even without the INTERNET permission.
Unfortunately, the app isn't open source, the dev is a ghost and it hasn't been audited for security flaws. Although on a German blog, a security specialist has partly audited it for 30 minutes using Wireshark and network analysis. This resulted in no unusual traffic and no manipulations (instead of Mobiwol firewall).
My concern is: Is the app able to manipulate the traffic, that's rooted through itself, to point it or copy it to another destination? I ask, because it even works without internet and wasn't manipulating traffic in the test I read. And if really sensitive data is routed through the app and it's possible to ship this data cloned to another place, it's really disturbing.
I hope someone is able to clarify the technical background.
Greetz
Click to expand...
Click to collapse
Has Droidwall been tested?
crobjam said:
Has Droidwall been tested?
Click to expand...
Click to collapse
Doesn't answer my question, but it's open source in contrast to NoRoot Firewall.
I use XPrivacy and it works OK without any additional bakdoors.
It has even more functions (blocking permissions for apps) for privacy protection.
Very good question OP.
This is a extremely useful app but I also would like to know about the possible risks involved.
One would assume that removing the internet access permission (thanks for that suggestion) would render the app harmless but I can't be sure...
EDIT: After removing the app's internet permission with APK Permission Remover I found that the app does run without any error message but it won't allow any app to connect to the internet whatsoever. Which I guess is totally logical since all connections are routed through NoRoot Firewall...
mp107 said:
I use XPrivacy and it works OK without any additional bakdoors.
It has even more functions (blocking permissions for apps) for privacy protection.
Click to expand...
Click to collapse
with the difference that you need root..
I'm looking for no root firewall, NetGuard (alpha) seems to be the alternative
http://forum.xda-developers.com/android/apps-games/app-netguard-root-firewall-t3233012
stpol77 said:
with the difference that you need root..
I'm looking for no root firewall, NetGuard (alpha) seems to be the alternative
http://forum.xda-developers.com/android/apps-games/app-netguard-root-firewall-t3233012
Click to expand...
Click to collapse
riesdepies said:
Very good question OP.
This is a extremely useful app but I also would like to know about the possible risks involved.
One would assume that removing the internet access permission (thanks for that suggestion) would render the app harmless but I can't be sure...
EDIT: After removing the app's internet permission with APK Permission Remover I found that the app does run without any error message but it won't allow any app to connect to the internet whatsoever. Which I guess is totally logical since all connections are routed through NoRoot Firewall...
Click to expand...
Click to collapse
Xprivacy cannot block Android system internet access, as that breaks your internet connection. Another limitation is that it cannot restrict android native apps. So, you need a real firewall to deal with that.
Noroot firewall is a horrible concept: your internet traffic is routed through some unknown server. Whatever you send though the internet is totally exposed to any kind of attacks/exploits. Plus, the issue of open source vs. close is totally irrelevant as applied to servers: so what if they open source their server? You will never know whether that server was built out of that open source.
The only solution is a real firewall.
Please stop listening to dopes who tell you not to root your device. They have an agenda: most of them are either advertisers, spooks or Google employees. The argument that a user doesn't know what he/she is doing and therefore should not have root is false: every known operating system on Earth (windows, mac, linux et al) provides root access/administrative rights to a user. So, how is that the same PC/MAC/Linux user all of a sudden becomes a dummy when it comes to a smart phone? The answer is he does not. But when he gets root, he can restrict advertising, spooking and spying by Google, carriers, advertisers and others.
optimumpro said:
Noroot firewall is a horrible concept: your internet traffic is routed through some unknown server. Whatever you send though the internet is totally exposed to any kind of attacks/exploits. Plus, the issue of open source vs. close is totally irrelevant as applied to servers: so what if they open source their server? You will never know whether that server was built out of that open source.
Click to expand...
Click to collapse
From what I understand, the concept of NoRoot Firewall isn't routing your traffic through an external server but using a local or virtual VPN as a firewall. The Android VPN service is only used to provide control over your connections. This was explained on their web page which now seems to have disappeared. The problem is that one shouldn't just take their word on this and that's why it is relevant that this program is not open source.
There's an interesting discussion on the subject here.
riesdepies said:
From what I understand, the concept of NoRoot Firewall isn't routing your traffic through an external server but using a local or virtual VPN as a firewall. The Android VPN service is only used to provide control over your connections. This was explained on their web page which now seems to have disappeared. The problem is that one shouldn't just take their word on this and that's why it is relevant that this program is not open source.
There's an interesting discussion on the subject here.
Click to expand...
Click to collapse
If that were so, then why would users complain that NoRoot Firewall is increasingly being blocked by various services? That surely indicates a unique IP address, which is different from your mobile/wifi IPs. Android local vpn won't create a separate external IP address. I bet if you go to what's my ip, you will find a curious IP address.
I am always amused by people saying I am looking for a no root app when it comes to security. You just can't secure a system without administrative rights. This is like saying I need protection for my car, which has a habit of swerving around, but do it without using a steering wheel.
optimumpro said:
If that were so, then why would users complain that NoRoot Firewall is increasingly being blocked by various services? That surely indicates a unique IP address, which is different from your mobile/wifi IPs. Android local vpn won't create a separate external IP address. I bet if you go to what's my ip, you will find a curious IP address.
Click to expand...
Click to collapse
I don't know where you read that 'NoRoot Firewall is increasingly being blocked by various services' but maybe it had to do with the fact that you can't use a VPN service while using NoRoot Firewall because it already uses the Android VPN functionality as a firewall.
I also verified my IP adress online and it does not change when I use NoRoot Firewall.
BTW, I am rooted because I like to have full control over my Android but I haven't come across a root firewall app with granular control like NoRoot Firewall. Do you have any suggestions?
I attached a screenshot of the app explaining itself and its permission.
stpol77 said:
with the difference that you need root..
I'm looking for no root firewall, NetGuard (alpha) seems to be the alternative
http://forum.xda-developers.com/android/apps-games/app-netguard-root-firewall-t3233012
Click to expand...
Click to collapse
NetGuard is open source and very easily audited or checked - no Internet access itself.
It isn't as granular as other firewalls, but it has no battery drain, since the VPN service is only used for sinkholing traffic. So for now it's an all or nothing way to block an individual app from network access. There's more details in the thread, and the source is quite readable too.
Its using Vpn so its a power consuming app
Can anyone suggest best root app for restricting internet traffic to apps over wifi/mobile data. And also works as a VPN. The same option is there is noroot firewall. but from somehow from the above discussion, it is not 100% secure.
optimumpro said:
Xprivacy cannot block Android system internet access, as that breaks your internet connection. Another limitation is that it cannot restrict android native apps. So, you need a real firewall to deal with that.
Noroot firewall is a horrible concept: your internet traffic is routed through some unknown server. Whatever you send though the internet is totally exposed to any kind of attacks/exploits. Plus, the issue of open source vs. close is totally irrelevant as applied to servers: so what if they open source their server? You will never know whether that server was built out of that open source.
The only solution is a real firewall.
Please stop listening to dopes who tell you not to root your device. They have an agenda: most of them are either advertisers, spooks or Google employees. The argument that a user doesn't know what he/she is doing and therefore should not have root is false: every known operating system on Earth (windows, mac, linux et al) provides root access/administrative rights to a user. So, how is that the same PC/MAC/Linux user all of a sudden becomes a dummy when it comes to a smart phone? The answer is he does not. But when he gets root, he can restrict advertising, spooking and spying by Google, carriers, advertisers and others.
Click to expand...
Click to collapse
Some of us are just stuck with phones that are locked up tight and can't root to begin with. So I to am looking for a no-root solution. Before this phone I had all the others rooted, when it was an option. I came across this in a search because I just got a gopro, and the app creates a wifi connection between the gopro and the phone. Soooo, if I'm driving with the gopro, the phone, and all other apps think it's on wifi. So while I'm controlling the camera, other apps like Pandora, Amazon Music, and the sort search and search for a connection on that wifi network that's only between phone and camera, and won't resort to mobile data as long as that connection exists. Anyway, calm down.... not everyone has an agenda. Rooting is indeed relatively simple, but it's also equally simple for someone who missed one detail to ruin their phone. Anyone that ever asked me about it, I'd help them and give them a good "what you need to know" before I show them how to make sure they understand how important it is to read read read. If I get the impression they're a little impatient, or this kind of thing goes over their head, I discourage them from rooting. Just because I care and would hate for them to ruin an expensive device.
Hey folks,
I recently signed up in this forum, and I'm aware of it's professionalism. First, I was a simple observer because I wanted to try to understand the basics and it wasn't not a long time I discovered Android.
I installed NoRoot Firewall. My smartphone is rooted and I also installed LightningWall.
I blocked (with LightningWall) outgoing and inbound access concerning "NoRoot Firewall", and NoRoot Firewall is running fine.
Is it the good action to be sure that NoRoot Firewall doesn't export my data to an external server ?
Or it's not the good action because NoRoot Firewall uses a VPN ?
Sorry if my first post is too basic.
I hope someone is able to answer me.
Due to my recent installation of app Network Log, I have examined the I/O on the Net made by NoRoot FireWall.
It appears (by examining the log) that NoRoot FireWall is making I/O on the Net, but unfortunately I can't determine if those I/O are on behalf of applications crossing NoRoot FireWall (through Android VPN functionality), or for app NoRoot FireWall itself.
I don't know how to determine it.
If anybody has an idea.
iwanttoknow said:
Due to my recent installation of app Network Log, I have examined the I/O on the Net made by NoRoot FireWall.
It appears (by examining the log) that NoRoot FireWall is making I/O on the Net, but unfortunately I can't determine if those I/O are on behalf of applications crossing NoRoot FireWall (through Android VPN functionality), or for app NoRoot FireWall itself.
I don't know how to determine it.
If anybody has an idea.
Click to expand...
Click to collapse
guys,
maybe we could just block the noroot firewall app itself in the app list from using data/wifi.
it's running fine for me.
micmaccc said:
guys,
maybe we could just block the noroot firewall app itself in the app list from using data/wifi.
it's running fine for me.
Click to expand...
Click to collapse
Hi,
I blocked output of Noroot Firewall in the list of its controlled app.
I also blocked Noroot Firewall with LightningWall (input and output).
And I observed I/O made by Noroot Firewall in Internet, by using app NetworkLog (examining its log file).
I can't determine if I/O made by Noroot Firewall are really made by Noroot Firewall by itself, or for allowed app crossing Android VPN used by Noroot Firewall.
Is there a tool to determine it ?
Amusons-nous avant tout !
Hello. Please excuse the necro.
A few questions please:
I'm not a networking expert. I do not understand the difference between the pre- and post- filters. Does it need to be redundant, ie mirror the rules on both filters?
How do you know if it's incoming or outgoing?
Also, why is it that even if there is a rule blocking a domain, such as *.domain.comort, I still see a connection being requested?
micmaccc said:
guys,
maybe we could just block the noroot firewall app itself in the app list from using data/wifi.
it's running fine for me.
Click to expand...
Click to collapse
How do you do this? I always thought blocking NoRoot from within NoRoot didn't make sense. Do I need to install another FW?
fpjones3 said:
Hello. Please excuse the necro.
A few questions please:
I'm not a networking expert. I do not understand the difference between the pre- and post- filters. Does it need to be redundant, ie mirror the rules on both filters?
How do you know if it's incoming or outgoing?
Also, why is it that even if there is a rule blocking a domain, such as *.domain.comort, I still see a connection being requested?
How do you do this? I always thought blocking NoRoot from within NoRoot didn't make sense. Do I need to install another FW?
Click to expand...
Click to collapse
Install another FW dosen't make sense, because all traffic through NoRoot. The another FW can't recognize the network access by apps.
---------- Post added at 07:14 AM ---------- Previous post was at 06:58 AM ----------
iwanttoknow said:
Hey folks,
I recently signed up in this forum, and I'm aware of it's professionalism. First, I was a simple observer because I wanted to try to understand the basics and it wasn't not a long time I discovered Android.
I installed NoRoot Firewall. My smartphone is rooted and I also installed LightningWall.
I blocked (with LightningWall) outgoing and inbound access concerning "NoRoot Firewall", and NoRoot Firewall is running fine.
Is it the good action to be sure that NoRoot Firewall doesn't export my data to an external server ?
Or it's not the good action because NoRoot Firewall uses a VPN ?
Sorry if my first post is too basic.
I hope someone is able to answer me.
Click to expand...
Click to collapse
You can think of it as a router on the network.
My European Mate 9 came with some pre installed software out of the box, namely News Republic, WPS Office, Todoist and some others. I didn't bother to uninstall them but I did remove all permissions and mobile/wifi data access on day 1.
I run OpenDNS at home and when checking the logs today I've noticed some unusually high internet accesses to ksmobile.com , ksmobile.net , and cmcm.com
In the last 3 days there have been:
2969 (!!) requests to helpnewsrepublic1.ksmobile.com
82 requests to cm.gcm.ksmobile.com
67 to n.m.ksmobile.net
65 to ws.ksmobile.net
42 to ups.ksmobile.net
167 to ms.cmcm.com
The domains seem to belong to 'Cheetah Mobile', makers of News Republic among some other software that I've never heard before.
The strangest thing is I have never run News Republic. In fact as I've mentioned before I have disabled mobile data, wifi access and removed all permissions from day 1 yet it seems my phone is still communicating with Cheetah Mobile's servers.
Has anyone observed this behaviour with their Mate 9s? What could be going on here?
Wtf dude, that's a great find!
I'm gonna monitor that too. Let's find out.
We already lost privacy long time ago.
Listening in. Great find.
Skickat från min iPhone med Tapatalk
Wow, wtf that's crazy. I'm surprised you discovered all that. Can't say I am completely surprised.
wtf! this is the first time i am using china brand mobile phone, been considered for a very long period before i shift from samsung and LG. hope it is application based not kernel built-in spyware
You are right, but the problem is cheetah mobile. If you install their apps from playstore, you will have the same problem. Their apps are very useful and free, but they send information about our phones to their servers.
I'm a user of news Republic and WPS, since several years ago, in many phones and there is always the same problem[emoji35]
Enviado desde mi MHA-L29
raychak said:
hope it is application based not kernel built-in spyware
Click to expand...
Click to collapse
I've uninstalled News Republic yesterday and proactively blocked the mentioned domains on OpenDNS.com (Settings > select your network > Manage individual domains). Checking the logs today I see no blocked outbound attempts to ksmobile or cmcm which means uninstalling the app might be enough to stop it in its tracks. That's good news.
antz_77 said:
You are right, but the problem is cheetah mobile. If you install their apps from playstore, you will have the same problem.
Click to expand...
Click to collapse
Sure but that doesn't explain (nor justify) why it is establishing outbound connections when 1) I have never run the app and 2) I have disabled data/wifi access on day 1. This is bad enough for an app you've downloaded from the Play Store but even more worrying when it's a pre-installed app.
antz_77 said:
I'm a user of news Republic and WPS, since several years ago, in many phones and there is always the same problem
Click to expand...
Click to collapse
I pinpointed this to News Republic but after reading your comment I did a quick check on WPS Office and I've noticed it's made by Kingsoft which surprise surprise is the parent company of Cheetah Mobile. That's another app I'll be uninstalling then.
Even if you never run the app it still can have a background service
So 1 week after removing News Republic and WPS Office I can confirm that all suspicious traffic has stoped. OpenDNS reports 0 connection attempts in the last 7 days to any of the mentioned URLs so all's good.
Now my attention has shifted to a fairly large number of outbound connections to www.baidu.com (347 attempts yesterday alone). I noticed this on the first days of owning the device but the numbers were in the 80-100 a day. Now that the numbers have tripled I'm wondering if it's due to some rogue app that I've installed (AliExpress?) at a later time or some setting that I've enabled (HiSuite?). Connections to baidu.com don't necessarily mean something fishy is going on in the background but I still would like to know what apps exactly are causing this amount of traffic.
Unfortunately the only Android traffic monitor that I know (OS Monitor) isn't compatible with the Mate 9, or at least with my particular one. Any other suggestions? For now I've resorted to blocking baidu.com via OpenDNS and so far no apps have stopped working.
but you still use facebook ?
I've used NoRoot Firewall to take a closer look at the outbound traffic and came to the conclusion that the culprit for all baidu.com connection attempts is one (or more) of the following system processes:
Android HwResolver
Android System
androidhwext
Call Management
com.huawei.iaware
com.huawei.securitymgr
EuiReceive
FIDO UAF ASM
Fused Location
GeofenceService
HuaweiShare
HwApps
HwARService
HwChrService
HwIndexSearchObserverService
HwLBSService
imonitor
Information
Input Devices
Key Chain
MirrorShare
MMITest
Phone Manager
Power Genius
PredefinedEapSim
ProjectMenu
Settings
Settings Storage
Smart headset control
One (or more) of these processes constantly tries to connect to 103.235.46.39 (baidu.com) but unfortunately that's as detailed as NoRoot Firewall can be. Unless there's an app out there capable of telling us what process exactly is responsible for the connection attempts, the only other way to pinpoint it is by trial and error (ie disable wifi/cellular for certain system apps while keeping an eye on the OpenDNS logs until the connections stop). I don't think I'll bother though.
Once again outbound traffic to Baidu doesn't necessarily mean something fishy is going on in the background. Besides being a search engine Baidu provides cloud services similar to Akamai or Amazon AWS. Huawei might just be using Baidu Cloud Push for some of its apps.
I came searching because I found my phone reporting news republic as power hungry and recommending close. Also instagram. I have never opened either.
Using the power settings I appear to have disabled news republic.
Thanks to this thread, I've now got a longer list of apps to try and disable - its not as easy as my rooted Samsung., because I want to use android pay which precludes rooting.
I _strongly_ recommend uninstalling News Republic and WPS Office. In fact I would run a mile from anything developed by Cheetah Mobile or Kingsoft (parent company).
Regarding Instagram I suggest using Hermit ( https://play.google.com/store/apps/details?id=com.chimbori.hermitcrab ) to create a web app. That's what I did for a whole lot of power hungry apps and I'm happy with the results.
Sent from my MHA-L29 using XDA Labs
enable dev options go to the bottom force the number of background apps to 1 and monitor should allow you to pinpoint the app as it will have been the only 1 running when it pinged
I know the title is rather generic and not strictly related to OP7, but I didn't know where else to post, and as this applies to my OP7, I thought to post here.
OP7
OOS 10.0.7
Rooted, Magisk+TWRP
So far I have been using Blokada to stop ads and it's been a bliss, but the limitation of Android to only run one VPN at a time makes using another VPN a compromise.
Recently I decided to use NordVPN, but as the situation stays now, I must choose between really no ads (Blokada), or NordVPN, but rely on Nord's as filtering which isn't really doing much.
Can you recommend me some reliable Adblocking solutions for rooted phone that can work in parallel with NordVPN and do equally good job as Blokada is doing? I need to block apps across the whole system (apps, websites).
P.S. using YouTube Vanced, so that one is sorted.
Energized magisk module, energized.pro for info on which version best suits you
Adguard dns without any app
Isn't DNS ad-blocking problematic? I've been reading that apps and websites can detect ad- locking DNS and act strangely.
Also, some ISP may not like some DNS... What has been your experience with DNS Adblocking so far?
Hi
I'm using OP7T OOS Beta 7 at the moment. I've been using Blokada for a short time and liked it a lot. But a minor was indeed not being able to combine it with a VPN from another provider. So I tried Blokada VPN. I had the feeling that it was working smoother than the VPN I'm always using. And I like the way they handle accounts. So you could use Blokada and VPN together if you pay for the VPN from Blokada.
So what stopped me using it? Having a long time subscription at NordVPN. I'm not using a vpn much lately. My setup is as follows:
- setup private dns under settings-networks-private dns: dns.adguard.com
- setup Adaway from FDroid (you need root)
- setup NordVPN. Beware to use the apk from the website and not from the Play Store. Only the apk from the website has working cybersec functionality. It can be used together with Adaway.
I've no problems using a dns server that blocks ads and malware. Neither do I have problems using hosts file based blocking like Adaway. Besides that I'm using browsers like Privacy Browser, Firefox nightly, Bromite and ungoogled chromium. And I try not to use apps with ads.
SvenC said:
- setup private dns under settings-networks-private dns: dns.adguard.com
- setup Adaway from FDroid (you need root)
- setup NordVPN. Beware to use the apk from the website and not from the Play Store. Only the apk from the website has working cybersec functionality. It can be used together with Adaway.
Click to expand...
Click to collapse
Thanks, I made the same setup... Seems less strict compared to Blokada, but this I am sure is just a matter of hosts list in adaway.
Do you recommend any hosts in particular besides the ones already in Adaway?
Also, what kind of apps do you split tunnel in NordVPN? Or no need? Everything working as it should?
derei said:
Thanks, I made the same setup... Seems less strict compared to Blokada, but this I am sure is just a matter of hosts list in adaway.
Do you recommend any hosts in particular besides the ones already in Adaway?
Also, what kind of apps do you split tunnel in NordVPN? Or no need? Everything working as it should?
Click to expand...
Click to collapse
Be sure to update hosts file in Adaway regularly. I haven't changed any sources in Adaway. Just the standard setup. It blocks system wide and I don't want it to be too strict. Maybe I want to reach a domain sometimes on some site without hassle. You can start up "dns log"in Adaway and then just use your phone like you always do. It then monitors every request. After a while you can go back to Adaway to view which requests occurred. From there you can block domains that were allowed. Or allow domains that were blocked.
I'm not using vpn a lot lately as I'm in my home country. I use it especially when I'm abroad in less privacy conscious countries. That's why I haven't split anything. But I would just it more, I would split apps like Signal private messenger which are end to end encrypted, and apps that don't seem to work well going through the vpn tunnel.
If you are really concerned about your privacy/ISP, then you should setup VPN always on, or force apps to use vpn tunnel by using a firewall. Although opinions differ on this. To me that's overkill anyway. Do you have apps still showing ads? Or do you mean ads while browsing websites?
SvenC said:
Do you have apps still showing ads? Or do you mean ads while browsing websites?
Click to expand...
Click to collapse
Yes, some apps are still showing placeholders. Didn't check all apps...but with Blokada I didn't even have the placeholders. Isn't a big nuisance, but if I can find a solution for it, for the better.
As for vpn usage... i just made some network speed tests... what do you see... it was better over the vpn. For some reason my isp was throttling my mobile (weird). So, I decided to allow NordVPN to always connect to the fastest server.
About tunneling, I was interested if any app misbehaves when on vpn (for example Netflix, or banking apps, if you personally encountered some issue).
derei said:
Yes, some apps are still showing placeholders. Didn't check all apps...but with Blokada I didn't even have the placeholders. Isn't a big nuisance, but if I can find a solution for it, for the better.
As for vpn usage... i just made some network speed tests... what do you see... it was better over the vpn. For some reason my isp was throttling my mobile (weird). So, I decided to allow NordVPN to always connect to the fastest server.
About tunneling, I was interested if any app misbehaves when on vpn (for example Netflix, or banking apps, if you personally encountered some issue).
Click to expand...
Click to collapse
I keep apps with ads at a minimum, so probably that's why I haven't any problems like that. I remember having problems setting up Payconiq and Transferwise while on vpn. After finishing the setup, only Transferwise still gives problems while on vpn. I don't have streaming or social apps besides Telegram and Keybase.
That said, if I didn't have a subscription from NordVPN, I would use Blokada and pay for its vpn. Everything in one app. But in case speed is important, probably Nord is a better option.
derei said:
Isn't DNS ad-blocking problematic? I've been reading that apps and websites can detect ad- locking DNS and act strangely.
Also, some ISP may not like some DNS... What has been your experience with DNS Adblocking so far?
Click to expand...
Click to collapse
You may have the same problems you have with VPN apps, I have not had any problems for the moment and I have been using dns adguard for some time ... once there was a problem in the server and they crashed but just set '' automatic dns' 'until the problem is solved. In any case, if you don't have root the only way is vpn or dns
I tried the Magisk module Energized but couldn't make it work. I got an error that it was not compatible although I had systemless hosts installed. Otherwise it seemed promising.
I'm testing another app now: Nebulo. At first sight I like it very much. But don't download it from Google Play cause that's a very limited version. Downloading it from Aurora Droid seems the easiest way. It's like Blokada, but I like it more. You can add packages to block ads. And the choice is large. You have a lot of dns servers to choose from. You can test the speed of the servers. Not just a ping test, but a revolution test. You can use cache to avoid sending the same dns requests over and over to the server; to speed up browsing. And a lot of other settings. Worth taking a look at.
Tried Magisk module energized.pro module on another ROM with success now. Using private DNS settings in android combined with that module. My favorite setup at the moment.
Hello everybody, i am using Graphene OS and only FOSS apps and i have a question. Recently i see some Foss apps also have "trackers" like Duckduckgo browser for example. I want to choose which apps i can block the internet connection for + the communication wich each other + VPN. I tried to use a "firewall" like netguard to block internet connection from the apps whoem don't need it + trackercontrol to block the trackers from all the apps and OpenVPN to hide my IP adress. But i can't use these 3 apps at once because the phone recognize them all as an VPN. Does anyone have the solution for this for me?
Use Brave browser.
jwoegerbauer said:
Use Brave browser.
Click to expand...
Click to collapse
That is only for tracking on web browsing. I am searching to block unwanted trackers on the background from the apps also
When you are on the Internet, data such as IIP address, browser type, operating system, etc.pp, are inevitably transported with. Even a VPN service - what is superior to a Proxy - get this data transmitted. And you never will really know what the VPN service is doing with these data - at least VPN services that are free-of-charge - and whether they themselves run Man in the Middle Attacks or not.
BTW: A Firewall protects a network’s resources from intrusion by users on another network such as the Internet. All networked and online Android users should implement a Firewall solution, IMO. If you have a rooted Android smartphone, you can use AFWall+ to control your device’s Internet activities. AFWall+ also allows users to control Internet access on a per-app basis.
jwoegerbauer said:
When you are on the Internet, data such as IIP address, browser type, operating system, etc.pp, are inevitably transported with. Even a VPN service - what is superior to a Proxy - get this data transmitted. And you never will really know what the VPN service is doing with these data - at least VPN services that are free-of-charge - and whether they themselves run Man in the Middle Attacks or not.
BTW: A Firewall protects a network’s resources from intrusion by users on another network such as the Internet. All networked and online Android users should implement a Firewall solution, IMO. If you have a rooted Android smartphone, you can use AFWall+ to control your device’s Internet activities. AFWall+ also allows users to control Internet access on a per-app basis.
Click to expand...
Click to collapse
Thabk you very much for youre great advice. So if i understand it good it is VPN connection is not a top priority right? Is it also true that GrapheneOs creates every day another imei number? Is the firewall solution of AFWall+ not the same as Netguard? If no can you please tell me what the difference is. AFWall+ gives in Fdroid that it has antifunctions, also for a lot of other apps. Does that have also influence on privacy and security?
I don't
1. make use of VPNs
2. know anything about GraphenOS. Changing IMEI and/or Wi-Fi Mac Address on a per daily basis makes no sense for me
3. use NetGuard, never tried it
Hi, as you know, the P7 series comes with free VPN by Google One for 5 years.
And like most VPNs by big brands (Apple, Microsoft, Google), it doesn't allow manually switching the geolocation of the end server.
Is there a known way to do this for G1 VPN?
Ideal: modded G1 APK that doesn't require root.
Though I suspect rooting will be required , and isn't a problem for me.
How were you able to find the VPN settings? Couldn't find it in my P7pro settings
It says 'coming soon'. When it does arrive, I suspect it'll be via the Google One app, not Settings.