Hi, I have a Samsung Galaxy S8+ which I purchased 3 or 4 months ago but I have never used it.
The device has been stored in a drawer because the first time I logged in I could not find a way to block Internet access for specific applications.
Now I would like to start using the device, but only if I can block Internet access (mobile data AND Wi-Fi) for specific applications.
I do not want to allow Internet access to applications like Contacts, Messages, Goople Play Store, Google Play Services, Gallery, etc., etc., etc.
So the question is:
How can I block Internet access (both mobile data and Wi-Fi) to all the applications I choose to? I am not talking about third party apps like firewalls... I want to block Internet access using the built-in (stock) apps/features/whatever... I mean by making use of the options that the device has by default.
Thanks in advance!
No there's no way to limit one app from getting to the Internet built into the phone. You could turn off the sync settings for some of them like Contacts, Gallery, etc.
I have to ask, why does it matter if those apps can get to the Internet? I mean how do you expect to install apps if you were able to block the Play Store?
Un-sync is the only thing you can do, https://play.google.com/store/apps/details?id=eu.faircode.netguard&hl=en is the other option.
What do you mean you can't? What about adhell2? As far as I know, it has internet permission for individual apps, and it doesn't need root...?
mjones73 said:
No there's no way to limit one app from getting to the Internet built into the phone. You could turn off the sync settings for some of them like Contacts, Gallery, etc.
I have to ask, why does it matter if those apps can get to the Internet? I mean how do you expect to install apps if you were able to block the Play Store?
Click to expand...
Click to collapse
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet ...
That's why it's so important to block them having Internet access.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
Google or any other companies are not my tutor or my parents (I'm old enough to have grand children). They should not have, simultaneously, access to my storage data, contacts, calendar, and Internet access to send out all those data and info...
My son has a Huawei P10 and that device allows the user to block Internet access to specific apps.
So if this Samsung device does not have a way to limit specific apps from getting to the Internet, then the phone is a spyware device...
With the due respect, only a completly fool would use such a compromised device.
Note: my biggest problem is not Google Play Store because it's an app which I could use without allowing permissions like "storage", "contacts", and such. But I don't use Google Play Store. I use F-Droid and (if needed) Yalp Store.
Niccolò Paganini said:
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet ...
That's why it's so important to block them having Internet access.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
Google or any other companies are not my tutor or my parents (I'm old enough to have grand children). They should not have, simultaneously, access to my storage data, contacts, calendar, and Internet access to send out all those data and info...
My son has a Huawei P10 and that device allows the user to block Internet access to specific apps.
So if this Samsung device does not have a way to limit specific apps from getting to the Internet, then the phone is a spyware device...
With the due respect, only a completly fool would use such a compromised device.
Note: my biggest problem is not Google Play Store because it's an app which I could use without allowing permissions like "storage", "contacts", and such. But I don't use Google Play Store. I use F-Droid and (if needed) Yalp Store.
Click to expand...
Click to collapse
I was gonna say maybe use tinfoil around your phone . If you decide you want to use internet on a specific app remove the foil. But IDK if it'll work though.
dalanik said:
What do you mean you can't? What about adhell2? As far as I know, it has internet permission for individual apps, and it doesn't need root...?
Click to expand...
Click to collapse
Hmm i'll have to look into that.
eddyo1993 said:
I was gonna say maybe use tinfoil around your phone . If you decide you want to use internet on a specific app remove the foil. But IDK if it'll work though.
Click to expand...
Click to collapse
Couldn't he just keep the phone in his tinfoil hat?
Mr. Orange 645 said:
Couldn't he just keep the phone in his tinfoil hat?
Click to expand...
Click to collapse
Yes he can. He can call it a phone accessory.
Take a look at "Datally: mobile data-saving & WiFi app by Google"
https://play.google.com/store/apps/details?id=com.google.android.apps.freighter
Sent from my SM-G955F using Tapatalk
gesbon said:
Take a look at "Datally: mobile data-saving & WiFi app by Google"
https://play.google.com/store/apps/details?id=com.google.android.apps.freighter
Sent from my SM-G955F using Tapatalk
Click to expand...
Click to collapse
If Datally allows control that'd be great. You can control an apps permissions, but none are directly internet.
Niccolò Paganini said:
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet ...
That's why it's so important to block them having Internet access.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
Google or any other companies are not my tutor or my parents (I'm old enough to have grand children). They should not have, simultaneously, access to my storage data, contacts, calendar, and Internet access to send out all those data and info...
My son has a Huawei P10 and that device allows the user to block Internet access to specific apps.
So if this Samsung device does not have a way to limit specific apps from getting to the Internet, then the phone is a spyware device...
With the due respect, only a completly fool would use such a compromised device.
Note: my biggest problem is not Google Play Store because it's an app which I could use without allowing permissions like "storage", "contacts", and such. But I don't use Google Play Store. I use F-Droid and (if needed) Yalp Store.
Click to expand...
Click to collapse
I guess I'm a fool because I don't care if Google is syncing my data so I could also get to it from my account via my PC..
Maybe you should stick to a Huawei P10 or a flip phone I guess...
Funniest thing ever!! He is complaining that his son can block internet access on his Huawei device, and then complains that his Samsung cannot due the same and therefore is a spyware device. EVEN THOUGH HUAWEI HAS BEEN PROVEN TO BE SPYING ON US CITIZENS BY THE FBI!! Like if u actually cared about your privacy you would stick with Samsung and stay far far away from Huawei
If you have root, use any firewall app available on Playstore such as AFWall+ or Droid Firewall
Niccolò Paganini said:
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet ...
That's why it's so important to block them having Internet access.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
Google or any other companies are not my tutor or my parents (I'm old enough to have grand children). They should not have, simultaneously, access to my storage data, contacts, calendar, and Internet access to send out all those data and info...
My son has a Huawei P10 and that device allows the user to block Internet access to specific apps.
So if this Samsung device does not have a way to limit specific apps from getting to the Internet, then the phone is a spyware device...
With the due respect, only a completly fool would use such a compromised device.
Note: my biggest problem is not Google Play Store because it's an app which I could use without allowing permissions like "storage", "contacts", and such. But I don't use Google Play Store. I use F-Droid and (if needed) Yalp Store.
Click to expand...
Click to collapse
Hello, i have same concerns with you. Have you find solution to this problem ?
Stock Samsung Apps like samsung music, calendar, camera etc. sending information to internet. I don't want this.
I used to use lineage os before, and this process was so simple. But now i have a s10e. I can't block internet access per apps.
Jail break your phone for true control (definitely worth it), everything you need to know is online. Tin foil ???
Found any solutions? I'd really be happy to find a way to do this without rooting my s10e.
And if you're only solution is still tin foil and think it doesn't make any sense, buy yourself a brain before answering please.
Kojackk said:
Found any solutions? I'd really be happy to find a way to do this without rooting my s10e.
Click to expand...
Click to collapse
Grab Activity Launcher on the Play Store (the one by Adam Szalkowski) and search for "Manage App Data. You can restrict access to mobile data and wifi on a per-app basis.
Related
As the title says: How do I allow only one app which I select to access the data connection?
To clarify, I want all apps to have permission to access the data connection, just not at the same time. (I want only the app I'm using to access the internet at that time.)
Disable background data in settings and use Droidwall (search in market)
Press the THX BUTTON BELOW if I HELPED !!!
Contact me:
My website: Droidiser.in
Facebook
My Facebook Page
Add me to your circles
Twitter
I'm not rooted, so I can't use Droidwall. And, apps seem to access the internet even when background data is disabled
bumpbumpbumpbumpbumpbumpbumpbumpbump
These are the incentives I tired my phone for, Droidwall and other things
Sent from my Galaxy S Infinity on xda free
You have to root it if you wanna block anything. Then Droidwall or LBE.
Wrong section btw.
via XDApp
Personally I think the contacts provider (and other providers)in Android is a huge security risk. Every app and it's brother wants full access to your contacts so they can mine them for usable information. This can be just to add easy links to friends or to spam them with advertisements or offers to identity theft.
I've started using a pim manager that does not access Androids contact provider, calendar provider , tasks or other providers in it's operations.(And I really wish it was open source)
I have already removed the Google sync apks from my device and have removed contacts, calendar in the past. But not the providers.
It might cause some badly written apps to crash.
But I can't forsee any other serious problems.
Ideas? Thoughts?
Honestly sounds like a good idea..
Myself I decided to go for a while without any gapps and any other "store" installed on my phone.
My contacts are imported from a .vcf file which i update manually when needed.
I also have installed AFWall+ and i blocked the internet access to pretty much all the other apps including the system ones.. (everything i could get away with basically )
This could be a solution as well but it's rudimentary one at the moment.
nutpants said:
Personally I think the contacts provider (and other providers)in Android is a huge security risk. Every app and it's brother wants full access to your contacts so they can mine them for usable information. This can be just to add easy links to friends or to spam them with advertisements or offers to identity theft.
I've started using a pim manager that does not access Androids contact provider, calendar provider , tasks or other providers in it's operations.(And I really wish it was open source)
I have already removed the Google sync apks from my device and have removed contacts, calendar in the past. But not the providers.
It might cause some badly written apps to crash.
But I can't forsee any other serious problems.
Ideas? Thoughts?
Click to expand...
Click to collapse
I already don't have Google apps on my device.
Everything blocked with afwall+ using profiles so things only get net when I'm using them on the net.
Fdroid is where I get 90% of my software and from the internet for much of the other 10%
I have a old phone with nothing on it personal at all. Which has play store for the 3 or 4 paid apps I need, it does updates for them and a few free ones. I copy the apks over to my daily driver.
I constantly hound developers on play store to support offline devices and not to implement features that break the app when there is no internet. Even app I don't use lol.
(I have 2 tablets and far too many old phones.only two devices are online(some are local lan only))
Someone should start a offline foundation. But being online it might be ridiculous..
I too removed contacts by using /system/app mover from f-droid. It was unintended as I wanted them as a user application but they wouldn't work like this and the icon vanished, that was fine with me for a long time. The other day I wanted contacts for signal (and telegram also won't work without them). I restored the application files from a backup,
For reference in /system/app/ the missing files were
SecContacts.apk
SecContactsProvider.apk
Other contacts programs like Simple Contacts can't run without a system permission called com.android.contacts and without those files in /system/app the permission doesn't get created at boot. The result being that no contact creation is possible.
What I would really like is a modified version of the system app that passes contacts data to the calling program depending on individual contact entry permissions with regard to each calling app; one list for telegram, another for signal etc. I gather that recent android versions above 6.0.0 have functionality to check calling application certificates so something along these lines should be possible. For earlier versions it might be necessary to switch between multiple contacts databases before starting the messaging app and also removing it from the autoboot list.
https://developer.android.com/guide/topics/permissions/defining
I did some research on internet and most of the articles related to this topic are either outdated or suggests using some kind of another app.
I want to block internet access to apps I've installed without installing any other app or firewall. I was wondering whether there are any inbuilt settings in Lollipop which has this feature?
Basically I am worried that apps like Clean Master, etc. would be snooping around my msgs, contacts lists, pics and sending them to their servers.
Hi,
Thanks for using XDA Assist.
No, there's no built-in feature in Lollipop to block Internet access. That's not a priority for Google
However I do recommend you to use AFWall+ (root required) or NetGuard.
well my company decided that company emails will work only under MDM. So today we tested this app on my mobile on BYOD mode as logical container.
https://www.manageengine.com/mobile-device-management/
And I am really not happy to what this app has access and I can't restrict it, because the access is enabled by admin of MDM. Please see attached screenshot.
the app has access to: camera, contacts, location, phone and storage and i can't block this access.
for contacts, phone and storage it looks like it has access only to folders in container (I hope, as i can't access my contact and documents from work profile). However accessing camera and location is not ok for me. Yes the admin of MDM app can see where i am in live and i can't block it. If I root the device the program will stop working, any other way how to prevent access to camera and location? Using oneplus 7T on Oxygen OS 10.0.15. Thinking about removing this app, but work email on the phone is almost must have for me.
wolfyy said:
well my company decided that company emails will work only under MDM. So today we tested this app on my mobile on BYOD mode as logical container.
https://www.manageengine.com/mobile-device-management/
And I am really not happy to what this app has access and I can't restrict it, because the access is enabled by admin of MDM. Please see attached screenshot.
the app has access to: camera, contacts, location, phone and storage and i can't block this access.
for contacts, phone and storage it looks like it has access only to folders in container (I hope, as i can't access my contact and documents from work profile). However accessing camera and location is not ok for me. Yes the admin of MDM app can see where i am in live and i can't block it. If I root the device the program will stop working, any other way how to prevent access to camera and location? Using oneplus 7T on Oxygen OS 10.0.15. Thinking about removing this app, but work email on the phone is almost must have for me.
Click to expand...
Click to collapse
Whenever a device is enrolled with MDM mobile device management solution, you do not have any control over it. Only an IT admin can make any changes to the device.
The IT admins configure the MDM agent on the device via the MDM server. This includes policy configuration, apps, and content push as well as security controls.
I was recently admitted to a company, and as an ease of accessing my e-mails and work schedule, the android "work profile" was made available so that I could have access to company information (such as e-mails, calendar, information and others) without having to receive a corporate cell phone.
However, my biggest concern is with the organization's access to my data. My organization that created the work profile, can have access to my browsing history, data on the device (such as photos, application files, etc.), time I spend using my cell phone, contacts, call logs, and other data personal profile?
I have already visited the google instructions page, but I was still unsure because my organization installed some network certificates and the warning "Your organization can monitor network traffic ..."
Another question:
If I leave a work profile app open in the background, and use my personal profile at the same time, can my organization have access to network traffic and consequently my personal information?
All questions, however redundant, are intended to clarify the details of the organization's access to my personal information
From now on, I am immensely grateful for the help and time you spent reading my questions.
You are holding a phone in your hands for which an organization has concluded a data plan contract and is paying for it. They therefore will have a legitimate interest in the network traffic on this device, unless it is a contract for unlimted bandwidth. Network traffic is triggered by apps / services , which can actually be read out: they simply have to install a HTTP/S proxy what is intercepting the HTTP/S traffic on any app housed on the phone.
jwoegerbauer said:
You are holding a phone in your hands for which an organization has concluded a data plan contract and is paying for it. They therefore will have a legitimate interest in the network traffic on this device, unless it is a contract for unlimted bandwidth. Network traffic is triggered by apps / services , which can actually be read out: they simply have to install a HTTP/S proxy what is intercepting the HTTP/S traffic on any app housed on the phone.
Click to expand...
Click to collapse
The phone is mine, and there is no plan
of internet hired by the company.
It's my personal cell phone, and for me to get
view emails and talk to people from
within the organization, I had to enable
the "work profile".
So I had my personal and work profile
on my personal device.
My question is: my company can see
my personal files and my online activity
in the "PERSONAL PROFILE"?
Fred964 said:
The phone is mine, and there is no plan
of internet hired by the company.
It's my personal cell phone, and for me to get
view emails and talk to people from
within the organization, I had to enable
the "work profile".
So I had my personal and work profile
on my personal device.
My question is: my company can see
my personal files and my online activity
in the "PERSONAL PROFILE"?
Click to expand...
Click to collapse
I created a second user on my phone named "Company".
If I do this it asks me if I wan't to turn on phone calls and SMS and then warns that
Call and SMS history will be shared with this user.
Click to expand...
Click to collapse
That makes sense, since I (as the owner) can decide whether or not other users of my phone can access that data.
I tried to access owners files via filemanager from "Company" account. I couldn't see anything.
I tried the same but via adb using a root shell -> I had full access to owners files.
Owner has a VPN active. I tried to access that VPN from within "Company". Didn't work.
Tried to access apps from within "Company" -> no luck.
Checked settings -> some are gone, some aren't. E.g. I can see my paired devices (paired from owner) when I'm in "Company" account.
Soo, to answer your question:
Fred964 said:
My organization that created the work profile, can have access to my browsing history, data on the device (such as photos, application files, etc.), time I spend using my cell phone, contacts, call logs, and other data personal profile?
I have already visited the google instructions page, but I was still unsure because my organization installed some network certificates and the warning "Your organization can monitor network traffic ..."
Click to expand...
Click to collapse
Access to browsing history, data, contacts? No.
Time spend? I don't know but in battery usage settings I can see how much battery has been used by the owner account.
Call logs? Yes, If you accepted that.
Your language? Yes.
About certificates: I don't know excactly what they do (I figured if you turn them off your device cannot connect to the internet anymore if that certificate is needed for that connection attempt) but you can go to Security -> Encryption & credentials -> Trusted credentials and turn them off while your in your personal account.
However: One questions remains: Does the profile your company created somehow differ from the one you can create manually via settings? I don't think so, so above things should be valid.
If that's an option you could also ask your company directly (even though I can understand if you might not want to trust them).