Database Info

[Q] Your privacy opinions please

I just bought a Samsung Galaxy Player with the intentions of using it as a wifi phone as a replacement for my cell phone.
The main reason for this is I don't like all the tracking going on with cell phones. Cell phone tower tracking, Carrier IQ tracking, etc., etc. I'm not doing anything illegal and I'm not a conspiracy nut, it's just the principle of it. I'm an American - I'm suppose to have freedoms and be able to have my privacy if I so choose.
I had planned on using either Skype with an online phone number or Google Voice to get voice on my Player. The problem with this is Google is going to track every wifi hotspot I log in from so I'm kind of back at square one - EVERYONE wants to spy on you these days. Not to mention all the criminals trying to get personal info at public hot spots.
So I thought about a VPN. That would stop Google/Skype from tracking the wifi hotspot I log in from. But, how does one find a VPN service that you know without a doubt is trustworthy??? I've even thought about getting my own VPS and installing OpenVPN myself (found a good service for that if anyone is interested). But from a true anonymity standpoint it would be better to use a VPN service who has many other customers all using a shared IP. Plus I'll use the same VPN service for my desktop and it would be nice to log into some websites from another countries sometimes.
I've also looked into setting up my own Asterisk server but haven't had time to get too in-depth with that yet.
Any thoughts or ideas would be greatly appreciated.

That's a bit much. I think skype is safe, though.
Sent from my SGH-T959 using Tapatalk

.
Thread moved to Q&A due to it being a question. Would advise you to read forum rules and post in correct section.

[Q] Denied Tethering, Privacy, and the Law . . .

READ THE UPDATE AT THE BOTTOM
IS T-MOBILE IN VIOLATION CITIZEN'S PRIVACY AND POSSIBLY THE LAW​
Recently it has come to attention that T-mobile is blocking tethering based on the type of browser that you use.
HOW THE OLD HACK WORKED​
T-Mobile tethering can usually be subverted with a "rooted" phone by freezing or uninstalling the Tethering Manager app that usually prevents tethering unless you pay for it. Basically, the On/Off switch was in the users handset. Many users were using this trick and gaining tethering without paying for it until recently.
WHAT CHANGED ? ? ? ​
Apparently, T-Mobile decided to fix this by intelligently eavesdropping on all web communications of its customers looking for the field of data in your request which identifies the type of browser that you use.
Then based on your web browser (if you use a browser identified as one that does not generally run on a mobile device) they deny access by redirecting you to their page where the advertise their additional tethering service.
PRETTY SOLID EVIDENCE​
So the question is how this can be proven. Simple grab one of those "rooted" phones that used to work, and tether them to one another them using wireless. Since the the phones are both is using a mobile browser, (the same browser) then T-Mobile wont be able to tell the difference so you can tether all you want. You are now using one phones internet connection through the other.
Now tether to a P.C. using wireless and use Chrome . . . if it works it will be for only a little while before you are denied service and redirected to T-Mobiles page advertising tethering services.
THE SIGNIFICANT QUESTIONS AT HAND​
So now that we know that T-Mobile is monitoring our web communications what are the social and ethical implications. Their basically saying since your using our service we will look at what your doing when ever we want.
Really?
-What else are you looking at and logging T-Mobile?
-What does the law say about this?
-In the U.S. what does the F.C.C. have to say about this?
-Is this a moral practice?
-How do customers feel about being spied on by their trusted service provider?
-Why would we pay to unblock something that we have already purchased?
WHAT HAS T-MOBILE ACHIEVED BY DOING THIS​
Its not like T-Mobile will actually achieve anything for long (A few days at most before a wide spread workaround). People smart enough to root their phones are also smart enough to get around this, as I will discuss this is not even an obstacle.
T-MOBILES GREAT UNSPOKEN ANNOUNCEMENT​
All that T-Mobile achieved by doing this is tell the world a little more about how deeply they are watching what their beloved customers are doing at all times.
THE WORKAROUND​
Please bear with me if you are technically inclined, I am trying to make this simple so it could be understood by all.
A simple app that intercept the request of the tethered device and intelligently scans and strips the field of data identifying the requesting browser as anything other that the stock authorized android browser then replaces this data to make it appear that is was the authorized stock mobile browser making the request.
The app would then make the appropriate changes to the data received for the request and make the appropriate changes for the tethered browser to understand and route if over to that browser.
That's it, undetectable tether again ! ! !
I'm looking forward to hearing your answers.
Thanks
* * * * * * * U P D A T E * * * * * * *
I have posted some easy workarounds from my posts below for easy access.
This is not meant for, or in any way advocating violating your TOS. This is to get third party browsers, Browsers running in Virtual Machienes on your phone . . . to work. However I cannot tell you what to do; so use your judgment. I am not responsible for any misuse of this information.
​
Method 1 Changing the User Agent String of your browser:
This plugin allows you to change the UAString on Chrome:
https://chrome.google.com/webstore/detail/djflhoibgkdhkhhcedjiklpkjnoahfmg <-Updated the dead link
A second option (In case you have issues with FireFox) would be:
https://addons.mozilla.org/en-US/fir...gent-switcher/
And apparently, Opera has a Built in UAString changer:
http://www.davidtan.org/how-to-chang...-agent-string/
If you use Internet Exploiter (excuse me) Explorer for some unknown reason:
http://www.enhanceie.com/ietoys/uapick.asp
Please note:
If you change your UAString to an Android Browser UAstring, then you will usually only get the Mobile versions of the web pages you view. For most people changing the UAString to the standard FireFox UAString seems to work fine.
Method 2 Using a VPN:
Many programs are available which provide VPN (Virtual Private Network) access to your home network. Using these tools an encrypted connection between your phone and home network will be established. As a result T-Mobiles eavesdropping techniques will not be able to decipher the data between you and your home network. Once a connection has been established with your home network, then your Internet requests can be relayed through your home Internet connection . . . If you don not have a home Internet connection, then there are many services available that provide an Internet gateway for you to VPN into.
Some of the available options include:
Using your home PC or MAC as your own VPN server:
http://www.openvpn.net
Using a power efficient home router as a VPN server, using either the factory firmware, and if unsupported using a custom firmware:
The Linksys WRT-54G Router, an affordable classic:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
http://www.amazon.com/s/ref=nb_sb_noss_1?url=search-alias=aps&field-keywords=wrt+54g
A powerful custom firmware supporting many routers:
http://www.dd-wrt.com/site/index
*******List of Issues As Reported by Many Customers*******​​​
1. Many third party browsers and many browsers running in a virtualised operating system are being blocked and the innocent user is being accused of tethering,in some reported cases, even the ICS web browser.
2. T-mobile refuses to fix this by stating that the Web Browser is not supported (3rd party) when one of their main selling points is Multimedia and apps and a Working TCP / IP interface for applications and is seemingly deliberately casting blame on the third party app when in fact it is T-Mobile that is spoofing and redirecting the application due to overly paranoid, ineffective,abusive and despotic counter measure aimed at people who break TOS via tethering.
3. The privacy of the user is violated due to intelligent packet sniffing on their wireless internet communications. Furthermore, the scope of monitoring is unknown, and there are many privacy concerns such as why System Manager continues to run in the background even when the user opts out of Carrier IQ and how deep it is capable of monitoring.
4. Many people who signed contracts for data plans claim they never agreed to pay any extra fee for tethering and claim that they are no longer bound to T-Mobile's contract due to this violation.
5. People on prepay plans are now denied tethering when the allowance of tethering implied continued tethering service.
6. Some prepay customers claim they purchased a month of service, or perhaps more and were provided with tethering for only part of their service period before T-mobile stopped providing part of the service (tethering) that they had already sold without refunding the customers for the nonexistent service the had payed for.
7. It has been reported that when T-Mobile throttles users ,who have gone over their high speed bandwidth allowance, to 3G speeds customers are not throttled to the ITU spec 3G speed. Instead most people report being limited to an average of about 119kbps.
8. It is further reported that throttling seems to discriminate against users who purchase more high speed data allowance and have reached their limit. For instance, A customer who purchases 2GB of high speed data and has uses it all up may be capped to about 119kbps in contrast to a customer who purchased 5GB of data who may be capped to a much lower and nearly unusable speed. Many people have reported this sort of discriminatory throttling. So, it seems that the more you pay T-Mobile and buy services, then commit the horrible act of using the service that you have paid for, you are punished.
Of interest:​
da-pharoah has brought to our attention a free app that is supposed to bypass tethering restrictions with no need for root access, proving once more that T-Mobile's measures were frivolous, and ineffective. Their measures don't prevent people who want to tether from doing so; that has been proven over and over again. Their methods only hurt and shame their valued innocent customers who are accused of tethering.
The app is called Foxfi and its free
Thank you da-pharoah
This test shows that T-Mobile may be trying to punish people who purchase higher bandwidth and actually use it.​
The following screenshot is from a phone that is running a stock firmware and has deliberately, and legitimately used the full 5GB high speed allowance for the month.
​
As you can see on a throttled 5GB plan the connection seems to be, at best, about 60kbps. Please note that this is with a pretty good connection. Most people claim an average of about 119kbps on a throttled 2GB plan. Since this seems to be the case, this shows that T-Mobile is discriminating against their higher paying customers and is punishing them for using the full amount of bandwidth the purchased. It seems that the more you purchase and use the more you are punished.
It was reported by a customer care representative, that the throttling should bring a customer down to a speed, much less than 60kbps regardless of the type of plan, and that those experiencing higher speeds should feel "lucky."
The problem is that this 60k seems to only be acquired with an optimal signal level and while stationary. It is reported that most of the time the speed drops down so low and the latency becomes so high that almost all internet requests are timed out.
The aforementioned scenario would make the advertised unlimited internet access, in actuality, very limited, and the user of a throttled 5GB plan would then not be receiving the service that was advertised, or that they payed for. At that point the internet service is quite useless and nearly nonexistent, when in fact a working low speed internet service is advertised for those who have reached their high speed data cap.
UPDATE
This document is for information purposes only. I do not advocate violating your contract terms or any illegal activity. you assume full liability and responsibility for the use of this information.​
Many people have reported to me that their tethering no longer works even after killing the tethering manager.
Many have asked me to look into this, here are my findings:
It seems that T-Mobile has implemented a new hidden APN in their ROMs. When you activate tethering, your connected devices seem to be routed through a different APN than your phone uses which is where the block is, if you have not paid the tax.
The answer:
A. For users:
Create a new APN name called "Tethering" and copy the information from your T-Mobile APN to it. There is no need to activate this APN. Immediately after doing so you should regain your full connection. Tested on a SGH-T989 (T-Mobile SGS 2) and reported to work.
B. Mostly for ROM authors:
Edit the appropriate configuration files and change all APNs (usually "epc.pcweb.com") to "epc.tmobile.com" or any other working APN such as MVNO APNs ("simple" . . .)
All test reports submitted to me report this is working and that my theory was accurate.
from: http://forum.xda-developers.com/showthread.php?p=33287279

Threads like this have a sad history of going absolutely nowhere. On a side note, you need to become more familiar with the subject (no, those questions in Networking+PM were not enough)
The technologically inept usually (always) cry about privacy issues when it comes to similar topics. While ISPs and cell carriers have a habit of not caring at all about your privacy, tethering detection does not require a breach of anything you would consider private. Websites you visit get the same information - it's what gets you redirected to a "mobile" website.
To put it in simple terms, when you don't pay for tethering, this happens: Cell carriers look at the type of your browser's data request (user agent, in the case of T-Mobile USA). If it's a desktop browser, you get forwarded to the upsell page or you get a text message about it.
Your app idea is actually unnecessary as it's already possible to spoof user agent strings - but it's done by modifying the browser itself. Capturing every packet sent, checking for UAstring and modifying it would be completely unrealistic.

luftrofl said:
Threads like this have a sad history of going absolutely nowhere. On a side note, you need to become more familiar with the subject (no, those questions in Networking+PM were not enough)
The technologically inept usually (always) cry about privacy issues when it comes to similar topics. While ISPs and cell carriers have a habit of not caring at all about your privacy, tethering detection does not require a breach of anything you would consider private. Websites you visit get the same information - it's what gets you redirected to a "mobile" website.
To put it in simple terms, when you don't pay for tethering, this happens: Cell carriers look at the type of your browser's data request (user agent, in the case of T-Mobile USA). If it's a desktop browser, you get forwarded to the upsell page or you get a text message about it.
Your app idea is actually unnecessary as it's already possible to spoof user agent strings - but it's done by modifying the browser itself. Capturing every packet sent, checking for UAstring and modifying it would be completely unrealistic.
Click to expand...
Click to collapse
I have been a UNIX system administrator for over 15 years. During this time I have come across many diffident people and opinions.
I personally think that packet inspection in any form is a violation of the consumers rights.
Furthermore, I don't care to tether at all. The issue surfaced when my Firefox browser in Ubuntu running on my smart phone began falsely claiming that I was tethering.
Further, many people who use ICS are reporting being redirected to the same website and accused of tethering.
Running an app in the phone to change the user agent string is also very feasible. There are already apps that do that, but they don't support wireless connections, just USB. If a linksys router from the year 2000 can do it with its limited processing power, then a low power phone by todays standards has no problem.
Sent from my SGH-T989 using Tapatalk 2

Your best bet would be to look at your TOS and read it closely. ISPs of all kinds reserve the right to monitor all data traffic on their net work. If tethering is not offered on the plan you have Legally you are in breach of your contract and can be sued. ATT does the same thing and this has been talked about to death.

zelendel said:
Your best bet would be to look at your TOS and read it closely. ISPs of all kinds reserve the right to monitor all data traffic on their net work. If tethering is not offered on the plan you have Legally you are in breach of your contract and can be sued. ATT does the same thing and this has been talked about to death.
Click to expand...
Click to collapse
Thank you. I agree, but the issue is that this does not really prevent people (root users) from tethering, instead it prevents third party Web browsers from properly resolving DNS. Full blown browsers in ICS and virtualized machines are mistaken as tethered systems.
T-mobile's excuse is there is something wrong with the third party app and that the third party app is not supported or their responsibility.
The reality is that T-mobile's responsibility is to provide an industry standard TCP/IP connection for our third party apps, and there is nothing wrong with the app, their system is spoofing the app due to paranoid programming.
They did not sell us Android phones with the google play market because they don't support it. Why do they advertise access to apps, but once they sell you the phone, if its not going their way they all the sudden don't support compatibility.
I could understand not sporting a third party app but they can't use this as an ecxcuse to not support their own platform and justify messing up compatibility with Android apps due to their paranoia of people bypassing their tethering manager.
Further, what are the laws regarding packet inspection?
Sent from my SGH-T989 using Tapatalk 2

Easy Workarounds
Disclaimer
This is meant to help those with issues they may be having running third party browsers on their phones. This information is not meant for the subversion of tethering detection by your service provider, and or the violation of your terms of service.
As was pointed out the User Agent String (UAString can be easily changed on the browser of choice. Although, a plugin is needed on chrome.
Apparently most versions of FireFox and Opera work fine, perhaps the UAStrings are the same as on the mobile versions?
This plugin allows you to change the UAString on Chrome:
Download link: http://www.google.com/url?sa=t&rct=...XUjalz&usg=AFQjCNED4rpi3tE0I2o90jlPHLkCKbHjtA
A second option (In case you have issues with FireFox) would be:
https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/
And apparently Opera has a Built in UAString changer:
http://www.davidtan.org/how-to-change-opera-user-agent-string/
If you use Internet Exploiter (excuse me) Explorer for some unknown reason:
http://www.enhanceie.com/ietoys/uapick.asp
Please note:
If you change your UAString to an Android Browser UAstring, then you will usually only get the Mobile versions of the web pages you view. For most people changing the UAString to the standard FireFox UAString seems to work fine.
I hope this help everyone out.

Another option to avoid thethering detection is using VPN. As long as your phone sends all data encrypted over the VPN, they won't be able to detect it.
Downside is, you need a VPN endpoint. This means you need to have a always-on device at home that can handle this OR you need to pay for a VPN account somewhere.

I was getting blocked untill i stopped using chrome.
No chrome = no block. Tmobile identifies the user agent string chrome uses.

Fludizz said:
Another option to avoid thethering detection is using VPN. As long as your phone sends all data encrypted over the VPN, they won't be able to detect it.
Downside is, you need a VPN endpoint. This means you need to have a always-on device at home that can handle this OR you need to pay for a VPN account somewhere.
Click to expand...
Click to collapse
There is open source firmware for low power linksys routers that provides VPN functionality.
Sent from my SGH-T989 using Tapatalk 2

I wonder where the lines between illegal wiretapping and packet inspection are drawn.
On another note, I had my dolphin browser on my phone redirected to their ads because of the string I was using (iPad). They're doing a pretty shabby job of intercepting traffic accurately.
Vpn> I'd probably consider taxing them via exploiting data usage until I get them to sever the contract too.
All this is an effort to keep customers from using what they pay for, "unlimited" data.
We should probably answer back with a more serious response as a group, namely a coordinated effort to use every last byte of data transfer we're paying for each month. Frame the argument in terms consumers all understand. How much data/money are you wasting/giving away to Tmobile every month? You paid for it, be sure to use it! Tmo will love that.
Sent from Scott LaRock's TR808

Agreed. I think if enough of us are verbal about their methods we might be able to get something resolved.
Any suggestions?
Sent from my Galaxy Nexus

you don't need a plugin to change the user agent on desktop chrome, you can do it from developer tools. this is how to do it on mac:
view->developer->developer tools->little settings icon on the bottom-right of the window->override user agent

I understand that there many methods of changing the UserAgenyString, but the whole point is the poor consumer who has paid for service and is not tethering is getting screwed for using a third party browser which is by no means a violation of the service agreement. We need something simple. An app . . . Something that someone with limited knowledge can use to keep from being ripped off.
All this because the phone company is paranoid someone will hook up hardware that THEY PAID FOR to ANOTHER DEVICE THAT THEY OWN and UTILIZE THE BANDWIDTH THEY BOUGHT without paying an extra 15 dollars tax.
What is the 15 dollar tax for? Does T-mobile power your phones processor? If so why do you pay a power bill? Does T-mobile preform voodoo to enable the phone THAT YOU OWN to route packets? Nooooo ! ! !
Its like back in the old days when the phone company used to make you pay for the phones you use and fine you if you had additional or "unauthorized" handsets plugged in.
This move is flat out, FRIVOLOUS ! ! ! RIDICULOUS ! ! ! ASININE ! ! ! and TYRANIC ! ! !
We- as consumers must come up with methods to use our third party browsers . . . Without being accused of tethering and as a result blocked, blamed, and shamed by a company were paying for service.
Sent from my SGH-T989 using Tapatalk 2

shnn2011 said:
I understand that there many methods of changing the UserAgenyString, but the whole point is the poor consumer who has paid for service and is not tethering is getting screwed for using a third party browser.
All this because the phone company is paranoid someone will hook up hardware that THEY PAID FOR to ANOTHER DEVICE THAT THEY OWN and UTILIZE THE BANDWIDTH THEY BOUGHT without paying an extra 15 dollars tax.
What is the 15 dollars for? Does T-mobile power your phones processor? If so why do you pay a power bill? Does T-mobile preform voodoo to enable your phone THAT YOU OWN route packets? Nooooo ! ! !
Its like back in the old days when phone companies used to make you pay for the phones you use and fine you if you had additional our "unauthorized" handsets.
This move is flat out, FRIVOLOUS ! ! ! RIDICULOUS ! ! ! ASININE ! ! ! and TYRANIC ! ! !
The whole point is to come up with a method to help consumers use their third party browsers . . . Without being accused of tethering and as a result blocked, blamed, and shamed.
Sent from my SGH-T989 using Tapatalk 2
Click to expand...
Click to collapse
The easiest thing would e for the browser developers to fix the issue. As long as it reports as a desktop client then they will see it as such and assume you are breaking your TOS. If the browsers reported it properly then it would not be an issue.
In the end what I have a feeling will happen is that data plans will increase in cost and have built in tethering. Even if you dont use tethering.

zelendel said:
The easiest thing would e for the browser developers to fix the issue. As long as it reports as a desktop client then they will see it as such and assume you are breaking your TOS. If the browsers reported it properly then it would not be an issue.
In the end what I have a feeling will happen is that data plans will increase in cost and have built in tethering. Even if you dont use tethering.
Click to expand...
Click to collapse
Many new mobile browsers are fullblown browsers and for this reason there are complications. I am told that even the full blown ICS browser is being blocked.
The browsers are reporting their User Agent String properly. T-mobile is interpreting the User Agent Strings with ignorance.
Prices should go down as technology progresses. I think that eventually providers will drop the frivolous taxing of tethering.
Sent from my SGH-T989 using Tapatalk 2

All this because the phone company is paranoid someone will hook up hardware that THEY PAID FOR to ANOTHER DEVICE THAT THEY OWN and UTILIZE THE BANDWIDTH THEY BOUGHT without paying an extra 15 dollars tax.
To true... ^^

S1mSyo said:
All this because the phone company is paranoid someone will hook up hardware that THEY PAID FOR to ANOTHER DEVICE THAT THEY OWN and UTILIZE THE BANDWIDTH THEY BOUGHT without paying an extra 15 dollars tax.
To true... ^^
Click to expand...
Click to collapse
No they are worried that you will hook up a device and use the bandwith for a device that it was not intended for. I see posts like this all the time and no one bothers to read the TOS when they sign the contract. The TOS states that all data is for the device on the contract and no other with out a tethering plan.

zelendel said:
No they are worried that you will hook up a device and use the bandwith for a device that it was not intended for.
Click to expand...
Click to collapse
How is this worrisome? Seems to me they're more worried about the extra bucks they could be leeching from you by arbitrarily categorizing tethering data differently from other data.

thebobp said:
How is this worrisome? Seems to me they're more worried about the implications of such use.
Click to expand...
Click to collapse
Think about it for a min. Most people are on Limited data plans. Then they tether to say a laptop (cause they saw they could on sites like this.) The laptop eats their data away in the blink of an eye. When he bill comes in the people are pissed and call the company to complain. They spend hours on the phone yelling at someone and making threats for something that was their fault. Then just to shut them up a manager may remove the charges. All of this cost the company money. Not to mention puts the company employees in a tuff spot. Either keep the Cx happy and remove the charges with risk of losing their job, or deal with someone that is pissed off enough though they have no right to be.
I have been in just that position many times over the past few years. Now I tell everyone. If you want to tether then get a plan for it.

zelendel said:
The laptop eats their data away in the blink of an eye.
Click to expand...
Click to collapse
You're either kidding or severely exaggerating (unless you're referring to one of those tiny, tiny plans, which are designed to try to make you go over and get charged overages anyway).
Computer browsers may use more data than mobile browsers, but not by that many orders of magnitude. The fact that some mobile browsers even identify themselves as computer browsers is testament to this.
If you're talking about people going haywire by tethering and downloading gigabytes, then 1) they kinda deserve it, but 2) [and much more importantly] they can do it on the phone anyway, as demonstrated by the guy who legitimately used 150GB in a month.

Online shopping

is online shopping on android phones actually safe ...i am confused ..any views on this

That depends on what your security concerns are. For me, I think it is totally safe to buy things online with your phone. I would do just about anything but financial activities in this context. However, my answer is a bit loaded so now I need to explain that part a bit. Credit Cards have built in protections. If you check your statements and dispute all charges that you did not authorize, then shopping through your phone is completely safe. I have had tons of fraudulent activity on my credit cards and I haven't paid a single cent that wasn't my own charge. The catch here is that you run pretty much the same risk doing your shopping online through an ordinary computer. Granted, phones have terrible security. My real point here is that you should use your phone assuming you cannot trust it. In this case, I use my credit card fraud protection as my mitigation for an untrustable platform.

dipinv.2007 said:
is online shopping on android phones actually safe ...i am confused ..any views on this
Click to expand...
Click to collapse
It is risky, indeed. Luckily, you can do something to protect your safety online. Android has a lot of flaws and it's vulnerable to malware and viruses- more vulerable than your personal computer because it's an open system( in theory) with millions of unverified apps for Download.
My recommendations:
[Remember, there's no 100% guarantee/solution, but it's better than doing nothing at all!]
Avoid using open WiFi Hotspots( Starbucks, McDonalds, City Hotspots, etc.) if it's not an URGENT purchase.
However, sometimes you find yourself in a situation where you need to purchase something right away. When connected to public networks( again, Sturbucks, City Hotposts, etc) consider using a VPN service to encrypt your connection.
I don't want to start a war over which VPN provider is better, but PIA( Private Internet Access) is ultra cheap and reliable.
Why using a VPN? VPN connections, like L2tp IPsec PSK connections can encrypt your data, securing your connection from sniffing( Wireless network tapping/monitoring).
When shopping online use the shop's app rather than your Android browser. Using your browser can have catastrophic consequences. Your eyes can deceive you! Don't trust them.^ ^
When using your browser( Chrome, Android browser, etc) always check your connection to the shop's sing-in page - if it's unsecured( http websites) leave the page! The same goes for links. Make sure to check the URL address! Again, don't rely on your eyes, when using public hotspots. Why? In layman's terms: When you connect to the internet, your Android resolves IP's(URL's/websites) via DNS servers, which can be infected. If a Hotspot is infected and you search for, let's say, PayPal you might actually get somehwere else! Relying on URL's when shopping via Hotspots is a stupid idea! That's why, again, you should consider using a VPN, which encrypt's your traffic+ paid VPN's have a lower chance of getting infected since the folks working there regularly check their servers+ most VPN providers use secure DNS servers, which overide the Hotspot's default DNS settings.
When downloading apps verify the company's name and make sure it's an original app! Avoid using user-made apps to access your eBay/Amazon account! Stay away from unknown&unverified, hence untrusted Android markets.
Antivirus/anitmalware. Scan your phone frequently!
GOLDEN RULE: NOTHING IS BULLETPROOF!
I guess that's it for the average user. :cyclops:
The same applies for your personal computer.

Thanks guys !! great replies, sums it all up ...every one should follow this advice !! :good:

dipinv.2007 said:
Thanks guys !! great replies, sums it all up ...every one should follow this advice !! :good:
Click to expand...
Click to collapse
You're welcome. Have a good day/night/whatever! :silly:

Of course it is just make sure you are using https:// means secure server that encrypts your data

Of course it is just make sure if you install the official apps

One Question reagarding the apps: Are they using a safe connection to the server or might there be a securtiy problem?
Im talking about the "big player apps" like amazon, ebay, paypal etc.

[VPN (Virtual Private Network) and why you should use it if you're serious about...]

Greetings all and Happy Holidays.
Per some fellow XDA users request and also to compliment the great thread "[TUTO] How To Secure Your Phone," by: unclefab, I figured this would help...a thread on VPN.
I am also shocked to not see anything in the security forum about VPN! I did a search and NOTHING.
What is a VPN?
(Virtual Private Network)
A simple search on the web will give you the nitty gritty stuff on what a VPN is, but I'll just lay it out very simply.
A VPN takes your data connection and encrypts it so it protects your data from not only your ISP seeing your traffic, but also from middle man attacks. Say if you were at a cafe connected to their open (unsecured) public WiFi and you did some shopping online, which involved you entering in your credit card number, name, address, etc... Well, it doesn't take much for someone to intercept your sensitive data passing through the cafe's unsecured WiFi connection.
How it works:
Encrypts your Computer's/Phone's data ---> Connects it to your VPN's server (Exit Server) ---> Then it reaches the end destination (website). (Safe Passage)
ie...
Safely passes your Internet Data, through a ---> [TUNNEL] ---> ...that is encrypted so that all your data is not only anonymous, but also protected.
There are may VPN's service providers out there, however, they are not all created equal. I've spent a lot of time researching VPN's and have went to great lengths to find the best of the best. The criteria of what I was looking for is as follows:
Offshore Company. Something outside of the US.
Liked and approved by even the extreme private/security activists.
Reliability and Speed! Some VPN's can be very slow only allowing you to achieve 30-50% of your internet speed at best.
A wide choice of servers.
Able to pay anonymously.
A VPN THAT WORKS ON OUR ANDROID DEVICES!
Some VPN companies have their own Android VPN client, which makes things a breeze. Just launch, connect and violla....all your traffic is now safely tunneled.
For the companies that do not have their own Android VPN client, you'll have to use the app: OpenVPN, which can be a hit or a miss for those on KK 4.4. Let me explain...
When I was on my Note 3 on 4.3, OpenVPN worked flawlessly and my speeds were darn near 100% of my regular LTE speeds even connected to a VPN! Well, once KK 4.4 came around, it completely ruined everything in terms of being able to stay connected. KK 4.4 is and was a nightmare for OpenVPN users. Upgrading from 4.3 to 4.4 was the biggest mistake I have ever made in my Android world. Bottom line, KK 4.4 sucks.
The good news is, there are a few VPN companies that work flawlessly on KK 4.4. I'm using one at the moment and it stays connected just fine with awesome speeds!
Why you should use a VPN:
Well think about. You can go the whole nine yards in securing your phone, which is awesome, but then you'd still be tunneling all that traffic "unencrypted," over the internet .... this is counter-intuitive in every way that you look at it. It's like ordering a BIG MAC Extra value meal and getting a diet coke. I mean really? What's the point? Diet? No matter how you see it, you're going to get fat if you keep eating it and thinking a diet coke is going to take edge off of you getting fat. Sorry, it doesn't work that way....
Imagine a semi-trucks driving down the highway with some completely exposed and some locked and covered. Well you'll obviously be able to see the exposed cargo on all the trucks that are not contained yes? Whereas the ones that are covered and locked, you'd have no clue what's in there. This is how a VPN works....it covers your data/traffic so that no one can see or know what is inside of that container during transit...ie...it provides a safe passage of your data over the internet to the end destination.
Now a VPN will protect your data from point A to the end destination (website.) That website will only be able to see your "exit server," and not your ISP or your location, but of course your data.
Ex: You're in New York connected to the internet using a VPN ----> The VPN server you're connected to is in Texas ---> The website you're visiting is located and hosted in Canada.
In that example, your "encrypted" data/traffic is being routed through Texas and then to Canada where the website is hosted/located. Make sense?
Because you're connecting to a VPN server, this is why you have to know which ones to use so that you can trust your data routing through their servers. Not all VPN companies are created equal!
If you're interested to know which VPN's are best in general and for our Android devices, PM me and I'll share with you my research. I don't want to advertise anything on here to be in compliance with the forum rules.
I hope this helps!
To be continued....

You forgot to tell the data is not encrypted by the VPN between it's server and the website's server, you are only moving a problem from place A to place B. It may be better for you if this is what you are looking for but it doesn't add that much security.
How a VPN works : Your device data is encrypted FIRST, it leaves your device and goes to the VPN's server, it is DECRYPTED, and then it is relayed to the server you were trying to contact. Your data is less traceable but you're not anonymous, the VPN provider knows who you are and your DNS provider may still know what you are looking at if you the device leak DNS requests.
Your guide is missing details, anonymity and security is not easy and trying to simplify it too much you lost important parts users should not forget.
Regards

Magissia said:
You forgot to tell the data is not encrypted by the VPN between it's server and the website's server, you are only moving a problem from place A to place B. It may be better for you if this is what you are looking for but it doesn't add that much security.
How a VPN works : Your device data is encrypted FIRST, it leaves your device and goes to the VPN's server, it is DECRYPTED, and then it is relayed to the server you were trying to contact. Your data is less traceable but you're not anonymous, the VPN provider knows who you are and your DNS provider may still know what you are looking at if you the device leak DNS requests.
Your guide is missing details, anonymity and security is not easy and trying to simplify it too much you lost important parts users should not forget.
Regards
Click to expand...
Click to collapse
Misleading? I think you need to re-read the post. Here let me help you:
"A VPN takes your data connection and encrypts it so it protects your data from not only your ISP seeing your traffic, but also from middle man attacks. Say if you were at a cafe connected to their open (unsecured) public WiFi and you did some shopping online, which involved you entering in your credit card number, name, address, etc... Well, it doesn't take much for someone to intercept your sensitive data passing through the cafe's unsecured WiFi connection."
"Now a VPN will protect your data from point A to the end destination (website.) That website will only be able to see your "exit server," and not your ISP or your location, but of course your data."
"Ex: You're in New York connected to the internet using a VPN ----> The VPN server you're connected to is in Texas ---> The website you're visiting is located and hosted in Canada."
So you're going to argue the fact that a VPN wouldn't be affective in a cafe scenario like the example I've given in the post?
Any additional information is appreciated, but please don't come in here saying that it's misleading....
THE FACT IS...YOU'RE BETTER OFF WITH A VPN, than WITHOUT ONE. PERIOD.

It's about trust, the VPN server can do the middle man attack itself or one could do it somewhere between the VPN's server and the final destination.
Of course you're better with a VPN most of the time, but it's important to clearly state it's not captain america's shield neither. It's important to clearly tell at all cost that the data is encrypted only between you and the VPN's server.
Best regards.

The only way to ensure you are safe from MITM is to use end to end encryption, like SSL/TLS (https). Even if the MITM is using sslstrip, you'll be able to tell by the security popup in your browser when it asks you to trust the connection (which you shouldn't...)
VPN is useful for protecting you from someone sniffing the airwaves on an open network or for accessing services behind a firewalled network. (Like SMB/Windows File Sharing).
Like Magissa said, it isn't captain America's shield, and don't be fooled by a false sense of security. You have to trust the VPN provider, and it would be pretty easy for one to sniff your traffic or read logs...

iunlock said:
Greetings all and Happy Holidays.
Per some fellow XDA users request and also to compliment the great thread "[TUTO] How To Secure Your Phone," by: unclefab, I figured this would help...a thread on VPN.
I am also shocked to not see anything in the security forum about VPN! I did a search and NOTHING.
What is a VPN?
(Virtual Private Network)
A simple search on the web will give you the nitty gritty stuff on what a VPN is, but I'll just lay it out very simply.
A VPN takes your data connection and encrypts it so it protects your data from not only your ISP seeing your traffic, but also from middle man attacks. Say if you were at a cafe connected to their open (unsecured) public WiFi and you did some shopping online, which involved you entering in your credit card number, name, address, etc... Well, it doesn't take much for someone to intercept your sensitive data passing through the cafe's unsecured WiFi connection.
How it works:
Encrypts your Computer's/Phone's data ---> Connects it to your VPN's server (Exit Server) ---> Then it reaches the end destination (website). (Safe Passage)
ie...
Safely passes your Internet Data, through a ---> [TUNNEL] ---> ...that is encrypted so that all your data is not only anonymous, but also protected.
There are may VPN's service providers out there, however, they are not all created equal. I've spent a lot of time researching VPN's and have went to great lengths to find the best of the best. The criteria of what I was looking for is as follows:
Offshore Company. Something outside of the US.
Liked and approved by even the extreme private/security activists.
Reliability and Speed! Some VPN's can be very slow only allowing you to achieve 30-50% of your internet speed at best.
A wide choice of servers.
Able to pay anonymously.
A VPN THAT WORKS ON OUR ANDROID DEVICES!
Some VPN companies have their own Android VPN client, which makes things a breeze. Just launch, connect and violla....all your traffic is now safely tunneled.
For the companies that do not have their own Android VPN client, you'll have to use the app: OpenVPN, which can be a hit or a miss for those on KK 4.4. Let me explain...
When I was on my Note 3 on 4.3, OpenVPN worked flawlessly and my speeds were darn near 100% of my regular LTE speeds even connected to a VPN! Well, once KK 4.4 came around, it completely ruined everything in terms of being able to stay connected. KK 4.4 is and was a nightmare for OpenVPN users. Upgrading from 4.3 to 4.4 was the biggest mistake I have ever made in my Android world. Bottom line, KK 4.4 sucks.
The good news is, there are a few VPN companies that work flawlessly on KK 4.4. I'm using one at the moment and it stays connected just fine with awesome speeds!
Why you should use a VPN:
Well think about. You can go the whole nine yards in securing your phone, which is awesome, but then you'd still be tunneling all that traffic "unencrypted," over the internet .... this is counter-intuitive in every way that you look at it. It's like ordering a BIG MAC Extra value meal and getting a diet coke. I mean really? What's the point? Diet? No matter how you see it, you're going to get fat if you keep eating it and thinking a diet coke is going to take edge off of you getting fat. Sorry, it doesn't work that way....
Imagine a semi-trucks driving down the highway with some completely exposed and some locked and covered. Well you'll obviously be able to see the exposed cargo on all the trucks that are not contained yes? Whereas the ones that are covered and locked, you'd have no clue what's in there. This is how a VPN works....it covers your data/traffic so that no one can see or know what is inside of that container during transit...ie...it provides a safe passage of your data over the internet to the end destination.
Now a VPN will protect your data from point A to the end destination (website.) That website will only be able to see your "exit server," and not your ISP or your location, but of course your data.
Ex: You're in New York connected to the internet using a VPN ----> The VPN server you're connected to is in Texas ---> The website you're visiting is located and hosted in Canada.
In that example, your "encrypted" data/traffic is being routed through Texas and then to Canada where the website is hosted/located. Make sense?
Because you're connecting to a VPN server, this is why you have to know which ones to use so that you can trust your data routing through their servers. Not all VPN companies are created equal!
If you're interested to know which VPN's are best in general and for our Android devices, PM me and I'll share with you my research. I don't want to advertise anything on here to be in compliance with the forum rules.
I hope this helps!
To be continued....
Click to expand...
Click to collapse
which is the best VPN to use?

I've installed OpenVPN for Android and it works fine.

[VPN (Virtual Private Network) and why you should use it if you're serious ab...
TheMoroccan said:
which is the best VPN to use?
Click to expand...
Click to collapse
There's no concrete answer to that question. Your best bet is to use a VPN provider that's based outside of your country, preferably one that is less likely to corporate with your local law enforcement.

Agreed. Out of country, away from your government's reach... There are some offshore server farms in countries with lax laws... Those are usually tax havens also. Research

snapper.fishes said:
There's no concrete answer to that question. Your best bet is to use a VPN provider that's based outside of your country, preferably one with a less likely to corporate with your local law enforcement.
Click to expand...
Click to collapse
Thanks bro for the info.

Phone privacy and security, is it possible to be completely private and secure?

I have always known that companies like google and facebook for example collect our data, web searches etc and sell this information for profit. Today, this has become an even bigger issue with what we see in the media with the nsa and other government organizations tapping into our devices and monitoring our usage. At the end of the day, most of us, myself included really dont have anything to hide, so it may not be a real issue. I have often thought that if anyone poked around in my pc or phone they would simply get bored as they are just full of geeky engineering files lol. The real thing for me is simply that it's an invasion of privacy and just not right. With that said, I find myself wanting to go the extra mile to make my pc and my phone completely private from outside sources taking my information, watching my web searches and seeing my data. My question is, is it possible to be 100% secure and private, and if not, how close can we get, and how? I have heard that VPN's can achieve this. Is this true? and if so are there any free secure VPN's for our android devices and or pc's that are really good? Do VPN's slow down our devices? Also, Is there a way when we delete android files to permanently delete them? I noticed when I flashed my rom, after doing the complete wipe that is still contains files from before the wipe.
(I know this isn't a pc forum, I only included the pc because it's relevant.)
Thank you all in advance.

There are no data retention laws in the United States. Meaning, if a data center does not want to hold any logs to their users' activity, they're not required by law to do so. Multiple countries are similar, which is why I recommend using Private Internet Access for your VPN. They have a client for PC and Android and they're really great. I've been using them for many years and have had no issues. And, if you're really wanting to remain "anonymous", you can pay for your VPN subscription using gift cards from popular outlets like Walmart, Starbucks, etc. And for search engines, I'd recommend DuckDuckGo, which doesn't log anything you search. For PC, I'd recommend disabling your IPv6 protocol in your router settings and getting uBlock Origin, HTTPS Everywhere, and PrivacyBadger. They're wonderful add-ons for Firefox or Chrome. uBlock Origin and PrivacyBadger can block WebRTC leaks which would leak your IP address and can be used to identify you. If you want more information, feel free to reply to my post and I'll help you out as much as I can.

Hoxic said:
There are no data retention laws in the United States. Meaning, if a data center does not want to hold any logs to their users' activity, they're not required by law to do so. Multiple countries are similar, which is why I recommend using Private Internet Access for your VPN. They have a client for PC and Android and they're really great. I've been using them for many years and have had no issues. And, if you're really wanting to remain "anonymous", you can pay for your VPN subscription using gift cards from popular outlets like Walmart, Starbucks, etc. And for search engines, I'd recommend DuckDuckGo, which doesn't log anything you search. For PC, I'd recommend disabling your IPv6 protocol in your router settings and getting uBlock Origin, HTTPS Everywhere, and PrivacyBadger. They're wonderful add-ons for Firefox or Chrome. uBlock Origin and PrivacyBadger can block WebRTC leaks which would leak your IP address and can be used to identify you. If you want more information, feel free to reply to my post and I'll help you out as much as I can.
Click to expand...
Click to collapse
Hoxic,
Thank you for all of the information. With the private internet access VPN on my PC and android, will that slow down anything like web surfing, uploads or downloads? I am limited to using Verizon's high speed DSL connection as they refer to it, (I refer to it as slowest speed connection lol) in my neighborhood and this is the only provider for me so it's already pretty slow compared to Fios and other broadband connections. I would hate to slow it down any more.
You mention to pay for these services using gift cards and such. Well as I mentioned, I do not have anything that I am actually worried about anyone seeing, this is simply my way of trying to protect my privacy so I wouldn't go that far but I am curious about that statement. Do you mean that using a VPN truly isn't private or is this just to remove any paper trail linking me to the use of a VPN provider? I have been using DuckDuckGo for several years already just to stop google from taking and selling my info. Weather it truly works or not I dont know but its a great search engine anyway so I figured why not use it.
Your advice to disabling IPv6 protocol in my router settings: I do not see anywhere in my router settings to do this so I googled it, and it looks like there's a way o do this in windows. Is that different that what you're advising? Also I read a windows blog on this and windows 10 says IPv6 is a mandatory part of Windows that they do not advise on disabling. Can you give me some more detail on this, and how to disable it, assuming the windows warning is bull.
Thanks for all of your help.