Running a standard Galaxy S22 on Verizon. My employer, a cybersecurity company, forces me to use our company VPN on my phone, and the VPN icon is always in the notification bar up top. When I check in VPN settings, the option to run all the time is not checked, so I'm not sure when I'm actually connected through VPN. So several questions regarding this:
1. Is there a way to know when I'm actually going through the VPN and when I'm not?
2. Is there a way to temporarily disable the VPN? I've tried doing some things with smart devices around the house, and I can't connect directly to the devices unless I disable the VPN (at least, that's the message I've received from my Nest Thermostat and my Ring cameras). The only way I know is to delete the VPN service completely, but then I have to create a ticket with our help desk to have it reinstalled. That's why I'm looking to just disable periodically.
3. Can my employer see EVERYTHING I do on my phone including all browsing history and personal emails and texts?
Thank you
My guess is that an always-on VPN service - introduced with Android 7 - is running due to device settings controller setup what can't get temporarily deactivated.
Related
Whenever I'm on my company's Wi-Fi network, many notifications and refreshes (e.g., Gmail updates, SMS) are delayed. They often flood in at the same time more than an hour after the fact (unless I go into each app and manually refresh/sync). Also, it seems like my location is never accurate while on my enterprise Wi-Fi, particularly when I look for weather at my location. None of these issues exist when I'm off of Wi-Fi at work or when I'm on my home Wi-Fi. (BTW, I didn't have these issues when I had my iPhone 5.)
Is this simply an issue with the way the enterprise Wi-FI is set up? Is there anything I can do in my settings to fix this?
My work WiFi ( in England ) makes my phone think it's in Germany. I guess that's where the main server is. Location services might be better with GPS only. SMS shouldn't be delayed through the WiFi though. Maybe it's a problem with your phone?
Sent from my Nexus 5
Yeah it all depends on where your server is routing traffic before it goes on the internet. There could some branch office to main office links setup which sends your traffic there first, that's for the location stuff.
Firewalls could be blocking pings though which is needed for push GMAIL and such. No way to really know unless we know your network setup.
As was mentioned, SMS shouldn't be a difference unless you are talking about Hangouts or other Messinging apps (those use DATA, not the WCDMA Air interface that SMS does).
I think it is some kind of corporate firewall or av scanner. Not sure what to tell you.
Sent from my Nexus 5 using xda app-developers app
Use a VPN
I wasn't sure where to post this thread, so I'll try here. I have zero signal in the building I work in. So I connect to my company's secure wifi network. I don't really browse any webpages while at work, but I use hangouts and use the wifi to send and receive messages. I don't want anyone seeing my conversations or any other data on my phone for that matter. I've read that network admins may possibly be able to read messages, emails, browsing history, view gallery etc. I'm new to all this, so I googled and it seems that a VPN might be what I'm looking for. Will this secure my phone and keep all of my information hidden and safe?
it's hard . as long as you connect to the wifi, the network admin has way to get your infomation
Services like Gmail or Hangouts are secure and IT admins will not be able to read your email/chats unless they're pro hackers and are really targeting you. Their firewall will probably have the capability to log browsing history though, but not go through your email/chat/pictures etc. If you use a VPN service on top of it, it becomes extremely hard to track your browsing, and your browsing history will also be private. In the eyes of your IT department you will only be having encrypted network traffic between your computer and the VPN service provider (you should choose a good VPN like Spotflux or Hotspot Shield - they are free and have premium versions with more features also). However, many/most company networks do not allow their users to use a private VPN service.
Hi,
I am just thinking about how to harden my smartphone for a vacation backpacker trip around Thailand lasting one month. Circumstances:
1) Free Wifi and VPN
I am going to buy a sim card with mobile data at the airport, no difficulties there (dual-sim smartphone). But every time I connect to a free wifi, all my data is send unencrypted until I connect to a VPN gateway. But in between there is enough time for every background service to exchange data. Security concerns justified? The wifi owner can attack via man-in-the-middle or simply capture data or websites with wireshark.
Solution:
setting up a Firewall?! 3G/4G allow all, wifi block all, vpn allow all ?
2) Loosing the smartphone
First fact - my external sd card is not encrypted as I got one corrupted very quick and all the apps using the feature got unusable. So the data can be easily read, I just keep that in mind.
Next, the smartphone will be locked with a security pattern, so the thief or finder wont be able to use it. On the lockscreen my name and adress is written, finders fee, etc.
Do you set up a cerberus for remote tracking, deeply integrated into the smartphone?
Do you sync your pictures directly to the cloud whenever you have a strong wifi connection?
Where do you store your passwords "offline" - paper in your wallet (I use Keepass for everything, I do not even know my passwords for e-mail, Google and Facebook since they are very strong)
Hi all,
sometimes when my Android device (OnePlus 5, Android version 10) is connected to my mobile router, it shows "limited connection" in my wifi settings.
The connection still appears to work fine, however I wonder what exactly (technically) would trigger this message?
Is it, Android tries to access some host from time to time and if not reachable it turns this message on?
Or does it probably interpret some information contained in the Wifi payload itself?
Maybe one of the Android devs here can answer this for me. Or can point me to the code which controls this message, I am happy to study it myself then.
Thanks a lot and all already a Happy New year 2022.
Andi
Hi Andi,
the phone uses a captive portal detection to see if internet is reachable from the current connection or it's not reachable or if it's blocked by a firewall, such as in a hotel's wifi.
To do so, it connects to
http://connectivitycheck.gstatic.com/generate_204
and if it gets a 204 response, the connection is good and no message is displayed. In other cases it will open the wifi login portal (if any) or it will just display a limited connection note, as on your phone.
If you see the message despite the connection can reach internet, it means that there might be something (a firewall for example) blocking the connections to connectivitycheck.gstatic.com. Some applications, as Aurora Store, also use gstatic.com to check the connection, and they won't work if it's not reachable, even though the rest of the web can be browsed.
It is possible to change the address used for connectivity check by running these commands in adb shell:
settings put global captive_portal_http_url "http://<YOUR-URL>
settings put global captive_portal_https_url "https://<YOUR-URL>
You can use any url you want, public or privately hosted, the only important thing is that it has to return a 204 response code.
Happy 2022 to you too!
tremalnaik said:
Hi Andi,
the phone uses a captive portal detection to see if internet is reachable from the current connection or it's not reachable or if it's blocked by a firewall, such as in a hotel's wifi.
To do so, it connects to
http://connectivitycheck.gstatic.com/generate_204
and if it gets a 204 response, the connection is good and no message is displayed. In other cases it will open the wifi login portal (if any) or it will just display a limited connection note, as on your phone.
If you see the message despite the connection can reach internet, it means that there might be something (a firewall for example) blocking the connections to connectivitycheck.gstatic.com. Some applications, as Aurora Store, also use gstatic.com to check the connection, and they won't work if it's not reachable, even though the rest of the web can be browsed.
It is possible to change the address used for connectivity check by running these commands in adb shell:
settings put global captive_portal_http_url "http://<YOUR-URL>
settings put global captive_portal_https_url "https://<YOUR-URL>
You can use any url you want, public or privately hosted, the only important thing is that it has to return a 204 response code.
Happy 2022 to you too!
Click to expand...
Click to collapse
Thanks, this is a good pointer to further analyze this the next time it happens.
Many thanks for the detailed answer, really appreciated.
Have a great 2022
Andi
Device Settings Guide, Tips & Discussions
Part 1 - Connections
If you're new to this series or want to see the index, please read Post #2 first.
Wi-Fi
Click on Gear icon besides any network:
View supported Network speed and security
Auto reconnect: If on, automatically connects to this network when Wi-Fi is ON. Switch it off for backup Wi-Fi i.e. you can keep it ON for 5 GHz network and OFF for 2.4 GHz so that it always connects to 5 GHz automatically.
Manage Router: Opens up the router admin page by going to your Gateway IP Address.
IP Settings: Choose from DHCP or Static. If you want to use custom DNS, you have to use Static IP. If you want to know the Network info like IP, Gateway or Subnet Mask, choose Static once and note the displayed info.
Proxy: Set manual or auto-config proxy here.
Click advanced to show:
View device's MAC address and allocated IPv6/IPv4. Learn about MAC and IPs here.
Metered Network: If you set a connection as metered, you or device can restrict background processes, big downloads and save data.
Randomized MAC: Devices are supposed to have a permanent MAC but this could be used to track you. From Android 10, you get an option to use randomized MAC each time your device connects to Wi-Fi. You can disable this if you use MAC Filtering on your router.
QR Scan (icon on top-right): Connect to Wi-Fi without entering password. Use a device that is already connected to the network and scan the QR code displayed by the former.
Menu > Wi-Fi Direct: Turn on Wi-Fi Direct on a nearby device as well to transfer files wirelessly and fastly. Works best with Samsung Devices and it does NOT require connection to a Wi-Fi network. You get speeds maxed out at the supported wireless speed of your devices! It is a better and more secure alternative than ShareIT or JioSwitch.
Menu > Advanced:
Sync with Samsung Cloud: Backup your Wi-Fi usernames and passwords and use the same on synced devices.
Switch to mobile data: If your Wi-Fi network quality drops, use mobile internet directly even if Wi-Fi is still connected (needs Mobile Data to be ON). You can add (Wi-Fi) Network Exceptions to prevent switching. Get notified to Allow individual apps to switch to mobile data i.e. if WhatsApp is blocked on your college Wi-Fi, you can allow WhatsApp to use Mobile data while keep using the Wi-Fi!
Turn on Wi-Fi Automatically: Your device will automatically enable Wi-Fi where you use it frequently. For example, you or your device can turn off your Wi-Fi when you go out and you won't need to enable it again when you get back home (you can configure the frequent networks after they appear here). Tasker used to handle this job for me (try IFTTT for simpler setup) but now the OEM solution is more optimized.
Wi-Fi power saving mode: For example, if you get WhatsApp messages every 30 minutes on average, the device learns about this traffic pattern and can toggle Wi-Fi accordingly to fetch notifications every 30 minutes. I keep this disabled as my usage pattern is dynamic like most of you. Better use App Sleep or Hibernation Apps like Greenify to save battery. Learn more about this mode here.
Wi-Fi control history: View apps that have toggled Wi-Fi recently. You can figure out if there's any culprit app that is toggling your Wi-Fi frequently when you have explicitly turned it off/on.
Hotspot 2.0: Automatically connects to APs that support Hotspot 2.0 or 802.11u. Network providers are themselves upgrading existing Wi-Fi in public areas like airports and encryption is a must for Hotspot 2.0 so you can trust and rely on it while you don't have to manually guess the right network. Learn more about Hotspot 2.0 here.
WPS push button; WPS PIN Entry: (Pie doesn't support WPS but Google says it's coming back, Read here) Connect the device to WiFi by pushing WPS button on the router or entering WPS PIN in case these are enabled on the router. Learn about WPS here.
Install network certificates: Normally not needed. Some organizations would need you to install certificates to access their domains. Same as what you do on a PC to install certificates.
Wi-Fi Calling
(Formerly VoLTE calling) Uses Wi-Fi to transmit voice instead of the mobile network but they still appear to be done via your SIM or number. This saves your mobile plan and also beneficial when you have low mobile network inside your home but good Wi-Fi! You'll see the SIMs in case the carrier supports VoLTE calling. #JioWaale
Bluetooth
When the Bluetooth is ON, you can STOP/SCAN for nearby devices manually. Keep BT on for playing with the following settings.
Menu > Advanced:
Sync with Samsung Cloud: Note that this only sync Samsung devices like Galaxy Home Speakers and Galaxy Buds.
Music Share: Enables your friends (or else) to connect with a speaker connected to your phone without requiring you to unpair and them to pair with the speaker. Useful in cases like you want your car to be always connected to your device. However, on a trip, your friend wants to play music from his phone while you drive. Get more explanation here.
Ringtone sync: Sync the ringtone you set on your phone to the connected speaker. I did not know they played different tones!
Bluetooth control history: Similar to 'WiFi control history' above.
Block pairing requests: Block spammers to request pairing.
Bluetooth scan history: Shows apps that scanned for BT devices. Review this once in a while as Apps can scan even when the BT is off!
[Discontinued] Dual Audio: Enables your device to connect to 2 different audio devices and play the same audio on both of them. Samsung explains this here.
[Discontinued] Media volume sync: In case the connected audio device supports this, you can change the player's volume by your device's volume rockers by enabling this i.e. you don't have to manually raise the volume to the fullest on both your device and the connected player to get the highest volume possible for your house party.
[Discontinued] Phone visibility: (Moved to Separate section after Bluetooth in Pie, please tell if it works for BT as well) Allow devices (with Samsung Connect) to find your device for connection. You can disable it unless you live in a Smart Home or transfer files from other devices more often. Learn more about this mode here.
NFC and contactless payments
It's turned ON by default on a new phone so do turn it OFF first. Samsung Pay will turn that ON if needed. Samsung Pay uses only NFC now starting from S21. MST is discontinued though no other brand could use this for payments. In case you don't know about MST (patented by LoopPay), must-read here. More information on the discontinuation in the FAQ.
[Discontinued] Android Beam: Allows you to share stuff when you tap your phone with some other-phone-with-already-enabled-NFC.
Contactless payments (Formerly Tap and pay): Select the default app for Payments and Others. Your default app will open up when you, for instance, tap your phone on an NFC-enabled POS (of course you need NFC to remain ON beforehand).
Pay with currently open app: By enabling, if currently opened app supports payment, it will used instead of the default app above. I have kept it enabled because I don't want Samsung Pay to open up when I know I am going to use GPay!
[Discontinued] Default NFC Method: By default and normally needed, 'Auto select'. In case you are the curious breed, learn about the different options here.
Flight Mode
Disables your operator's network. Since enabling this will also disable Wi-Fi and Bluetooth altogether, you can turn back these two on without toggling flight mode.
Mobile networks
Data roaming: Enable it if your carrier doesn't charge you for roaming or you're rich enough.
Network mode: By default, 'auto connect'. You can play with the options in case you're facing network mode changing issues or want to save battery (put to 2G only). If your region does not have 5G yet, you can go back to 4G/LTE to save battery!
Access Point Names: I recommend you to request or configure your operator's settings for the first time even if it had been automatically fetched. Nerdy guide here.
Network operators: Suggest usage?
Data usage
Data saver: Formerly known as 'Restrict background data'. Your background apps will stop using network data i.e. you'll receive WhatsApp notifications only when you open the app again. You can also whitelist apps in 'Allowed to use data while Data saver on'. This feature can help a lot in saving battery or making you check the phone less when you're hanging out with your girl. Me no girl so no enable!
Mobile data usage; Billing cycle and data warning: Do check this in a while to review the apps that use most of your mobile data (maybe you don't need those apps that much on mobile data); Change your operator billing cycle, set data warning and enable data limit in case your operator doesn't give you free GBs. The app options you change here will be reflected in the Data saver section above.
Mobile data only apps: You can choose apps that you only want to use mobile data. Useful in case your organization's Wi-Fi blocks some apps like WhatsApp. This is related to 'Allow individual apps to switch' in the Wi-Fi section.
Wi-Fi data usage; Restrict networks: Like mobile data, you can also review your Wi-Fi usage! Do review it once in a while to identify data-hungry apps that can affect battery and CPU as well. The apps you disable here for background usage will be blocked while Mobile Data is on OR the Wi-Fi is metered. Please confirm?
SIM card manager
Select Icon, Name and Network mode (described above) for the corresponding 'SIM slot' (not the SIM). Select preferred slot for calls, messaging and data. Learn about Smart Dual SIM here.
Mobile Hotspot and Tethering
Mobile Hotspot > Advanced:
Wi-Fi sharing: In addition to mobile data, you can also share your Wi-Fi. This can be helpful in case you don't want to reveal your network or its credentials or don't know about them. Also, your device can become a repeater for devices that are too far away from the Wi-Fi (keep your phone on charging).
Security: Use 'WPA2/WPA3-Personal' (Learn about wireless encryption here).
Timeout: Keep timeout low so that hotspot turns itself OFF earlier in case there's no client or change to 'Never Timeout' if you are going to need it for some time.
Hidden network: Enable 'Hide my device' to stop exposing your SSID.
Power saving mode: Similar to PMS in Wi-Fi Advanced. Keep Protected Management Frames (PMF) on by default and change in case the client doesn't support.
[Discontinued] Menu > Allowed Devices: Enter MAC addresses of clients you want only to connect to your hotspot. Same as MAC filtering in routers.
Mobile Hotspot > Auto Hotspot: You might get this ON by default. Turn it off! This enables your or family devices to share your internet connection via Hotspot. You know when you need it!
Bluetooth tethering; USB tethering; Ethernet tethering: Learn about BT/USB tethering here.
More connection settings
Advanced Calling & Messaging: Some iMessage kinda thing? Anyone?
Nearby device scanning: Although it uses Bluetooth Low Energy, I have it disabled. If you enable it, you get notifications for nearby devices like TVs that support connections through your device (will annoy you at airports).
Printing: Do download Google Cloud Print and any other printing plugin required by your or your organization's printer.
[Discontinued] MirrorLink: Learn more here.
[Discontinued] Download Booster: Uses both WiFi and LTE at the same time to download apps over 30MB from Play Store and Galaxy Apps. In case you want that app as soon as possible.
VPN: Configure your VPNs here in case you have. I use Psiphon. You can also manually configure profiles as you do on PC.
Ethernet: Yes, you can use a wired connection on your device too. Discussions here.
Private DNS: Supports DNS over HTTP/TCP and I recommend reading about this here. I use 1dot1dot1dot1.cloudflare-dns.com.
Series - Full Menu Guide Explained
Series - Device Settings Menu Guide
Hey XDA! I just got free from the initial setup of my Galaxy S22 Ultra. I don't know how many of you do this but I'm one of a kind that gives a considerable amount of time to explore every setting, feature and every single option whenever I get a new device or even when I factory reset the existing one. It's been years since I have started with this curiosity and I have never found an 'all-in-one' menu guide to explain each and every option in the device. Yes, you could also simply google the option you want to know about but how about compiling all of them in one guide? I don't know if this experiment would work or not but here's I am starting with this. I have spent the past three weeks taking out time whenever I could to compile this guide.
There are a couple of reasons I had decided upon to start with this series. Firstly, I want to help newbies (or even experienced) out there to explore and know about every feature or option your device could offer. I have seen many duplicate threads that are created every day to query fellow users even about an individual but unfamiliar option in the settings. I intend to do my bit to clear this clutter and help potential askers to get answers beforehand. Secondly, this guide could serve as a manual in case you want to find or get briefed about an option. You could then simply 'Find in a page' over the threads or simply use XDA's 'search in the thread' option to save your time. Thirdly, since I've broken the settings into different threads, this could help users engage and discuss over a particular device's super-menu and spread their knowledge, come up with new ideas and explore more of their devices. Fourthly, this series is not constrained to Note9 only. The settings on every Android device out there is similar and you would be able to find any common to your device settings here as well. Fifthly, since I have provided links and sources to some options, this can serve as directory map as well. Sixthly, this guide consists of tips for many options that you won't probably find normally.
This guide is intended and recommended to be read by anyone at least once. If you're reading a thread for the first, I recommend you to open up the corresponding settings in your phone and read the settings description in case there is. All the threads are arranged in the same order as the settings would come up. You could then simply read out my description of the same, my selected configuration and hyperlinks to some articles or videos in case you're the curious breed. This guide is strongly recommended after a fresh start. I want you all to give some time to explore each and every option your device can offer.
Hope this experiment lives up to the marks. Both criticism and appreciation are greatly needed and appreciated. Please comment.
I've tried to explain each option you could find by going deep into any setting. No matter whatever links I have provided, I will feel grateful if you want me to explain any feature more than I have done already. Please ask questions related to any settings. Do provide me suggestions and your take on my configuration. Please provide me with more guides and articles for a particular feature. I want to have the precious contribution of XDA members in this guide. Discussion over any feature, setting, your configuration, did-you-knows and anything else is greatly appreciated. This is a newbie-friendly place so don't hesitate to ask questions - besides the fellow XDA members, I'm always here for you.
Regards,
Paras Lehana
Index
Part 1 - Connections
Part 2 - Sounds and vibration, Notifications, Wallpaper and themes
Part 3 - Display, Lock screen, Biometrics and security
Part 4 - Advanced features, Device maintenance, Apps
Part 5 - Cloud and accounts, Google, Accessibility, General management, Software update, User manual, About phone, Developer options
FAQs
Why did Samsung discontinue MST for Samsung Pay? (Contributed by @sansart)
Ans: With big card companies like Mastercard ditching Magnetic Stripes due to security concerns, Samsung could be taking a step in this direction. Starting with Galaxy S21, Samsung discontinued MST and, in a statement, it added: "Due to the rapid adoption of near field communication (NFC) technology by consumers and businesses, beginning with devices launched in 2021, Samsung Pay will focus its support on NFC transactions, across the Galaxy portfolio. While future devices will no longer include magnetic stripe technology (MST), customers with previous, compatible Galaxy devices will be able to continue using Samsung Pay, including MST." (Source: The Verge)
Mastercard nicely explains about ditching Magnetic Stripes here: Swiping left on magnetic stripes
Good read, thanks! I think your NFC section needs updating though, Samsung no longer uses MST.
Updated. FAQ too. Thank you for contributing!
Since S22U is my upgrade after spending over 3 years with Note 9, I was doubting about the MST thing after the payment failed once. Now I have read about it. Thanks again!
sansart said:
Good read, thanks! I think your NFC section needs updating though, Samsung no longer uses MST.
Click to expand...
Click to collapse