Related
Hi
Has anybody figured out how to use ASProxy
alsubang.github.com
or any other way on Android
to enable internet access for apps other then browser (i.e. pipe all traffic via port 80/443) on Unlimited Browsing Plans (not normall data plan)
like the one offered by Speakout 7-11 in Canada?
Would it require a separate computer running a proxy server since provider's
proxy (APN) will drop any packets with port other then 80 or 443?
sergoreg said:
Hi
Has anybody figured out how to use ASProxy
alsubang.github.com
or any other way on Android
to enable internet access for apps other then browser (i.e. pipe all traffic via port 80/443) on Unlimited Browsing Plans (not normall data plan)
like the one offered by Speakout 7-11 in Canada?
Would it require a separate computer running a proxy server since provider's
proxy (APN) will drop any packets with port other then 80 or 443?
Click to expand...
Click to collapse
By default, Speakout wireless only works for browsing (80, 443).
ASProxy enables Email, Map, Android Market, etc.
I found Skype does not work.
Enter the same APN settings into Asproxy and you should be good to go. I found voip apps still don't work. However, google voice works.
It took me a while to figure it out but here's what I did:
1. Make sure you have the Speakout APN profile entered into the phone and that you have data enabled.
2. Disable Wifi.
3. Stop ASProxy under its Status tab.
2. Delete all previous proxy profiles added under the Proxies tab (if your created any)
3. Under the settings tab, for Connection types choose "APN(3G/4G)" only.
4. ASProxy will automatically detect the phone's APN connection. A screen should pop up to set up a new Proxy with the following info - Connection Type: APN, MCC+MNC: 302720 and Operator: Rogers. If it does not, exit ASProxy and start it again, and select the "Proxies" tab - it should come up then.
5. For the new Proxy, you have to add some additional information (you also have to scroll down to fill in all of this info):
Proxy Type: HTTP
Proxy Host: 10.128.1.69
Proxy Port: 80
Bypass Local: [leave unchecked]
DNS Forwarding: None
Proxy Security: Basic
Username: wapuser1
Password: wap
Save the profile.
6. Under the Status tab, start ASProxy by touching the button.
You should be good to go.
Thanks.
I still can't get it to work!
veryluckyguy said:
Enter the same APN settings into Asproxy and you should be good to go. I found voip apps still don't work. However, google voice works.
Click to expand...
Click to collapse
What do you mean by Google Voice?
That you can open its web page and initiate a call?
BTW, are there any free alternative to ASProxy that can support WAP proxies?
BTW, is SO still 3G?
It works for some apps (browser, market, maps) but not for others.
Most notably, Google Talk doesn't connect.
Sync doesn't work. It works if I force it, but it won't sync automatically.
Alternative - ASProxy
Hi,
I was trying different softwares and none is perfect. "Proxymator" has the simplest UI and works with Google Maps, Gmail Facebook but not for Market and other apps. None of the voips work either. But I guess ASProxy is similar, not all apps work. I am waiting for a better "Proxymator" version.
Hope it helps...
Cheers
Petronoid said:
Hi,
I was trying different softwares and none is perfect. "Proxymator" has the simplest UI and works with Google Maps, Gmail Facebook but not for Market and other apps. None of the voips work either. But I guess ASProxy is similar, not all apps work. I am waiting for a better "Proxymator" version.
Hope it helps...
Cheers
Click to expand...
Click to collapse
Well, while trying different apps, out of curiosity I installed "Autoproxy" developed by here in xda forum. Just forget about anything else mates. This is it...works beautifully with almost all apps. Just search the forum........
Hope this helps.
When researching the same question as to how to use Android Apps with the SO Unlimited Browsing plan, I came across this app (forum will not let me post link, sorry):
Orbot is an application that allows mobile phone users to access the web, instant messaging and email without being monitored or blocked by their mobile internet service provider. Orbot brings the features and functionality of Tor (read more below) to the Android mobile operating system.
Click to expand...
Click to collapse
I installed it and it seems like it could work for this, but I'm not proficient enough to figure out how to configure it, or if it is do-able. Google search term: 'Orbot, Tor on ANdroid'
Is there an equivalent iPhone app or way to get Speakout to work with other apps on an iphone?
My employer just opened up Android native email capability (to receive work email, calendar, apps) for my Note i717. Problem is, they won't allow Rooted devices.
I know there's several (6 I think) security certificates that get installed, but I was wondering if there's a way around this no-root rule.
1. If I unroot, get all certificates installed and then re-root will it nullify the certs?
2. Does anyone know enough about certs to answer if they're something that can be backed up and restored if I move to a different ROM in the future?
I've scoured the forum and have found info on bypassing the credential logins, but not pertaining to these questions above. Answers would be greatly appreciated.
It isn't really a rule...depending on your environment
b3furuya said:
My employer just opened up Android native email capability (to receive work email, calendar, apps) for my Note i717. Problem is, they won't allow Rooted devices.
I know there's several (6 I think) security certificates that get installed, but I was wondering if there's a way around this no-root rule.
1. If I unroot, get all certificates installed and then re-root will it nullify the certs?
2. Does anyone know enough about certs to answer if they're something that can be backed up and restored if I move to a different ROM in the future?
I've scoured the forum and have found info on bypassing the credential logins, but not pertaining to these questions above. Answers would be greatly appreciated.
Click to expand...
Click to collapse
Unless your company is using a type of MDM platform (Codeproof, Good, MobileIron, AppSense), they will not be able to detect that you have root access to your phone. Some companies instruct users to install a separate MDM application in order to access their email. Most Exchange servers can be connected to without installing the MDM software. If they don't force an MDM client, they won't know you are rooted.
Depending on the version of Exchange, you can use a 3rd party email app like K-9 to access the email which would also bypass the additional security policies that will be installed if you were using the built-in Exchange support. I use Touchdown, therefore the app is protected by a PIN but not my phone, so I can still unlock the phone without having to type a 6 digit number every, single, time.
The way I see it, the company's data is still protected, and I am not overly inconvenienced, it is a win-win.
Unless your company is using a type of MDM platform (Codeproof, Good, MobileIron, AppSense), they will not be able to detect that you have root access to your phone. Some companies instruct users to install a separate MDM application in order to access their email. Most Exchange servers can be connected to without installing the MDM software. If they don't force an MDM client, they won't know you are rooted.
Depending on the version of Exchange, you can use a 3rd party email app like K-9 to access the email which would also bypass the additional security policies that will be installed if you were using the built-in Exchange support. I use Touchdown, therefore the app is protected by a PIN but not my phone, so I can still unlock the phone without having to type a 6 digit number every, single, time.
The way I see it, the company's data is still protected, and I am not overly inconvenienced, it is a win-win.
Click to expand...
Click to collapse
Apologies, I did forget to mention they instruct to install Mobile-Iron.
Their process is such:
1. Install Mobile-Iron
2. Encrypt Device & set 6 digit pin
3. Install Certificates
4. Email configuration
5. Sync email, calendar, clients to phone
They do note "If your device is rooted, this process will not complete successfully."
Reviewing the steps, it looks like the whole process is done within Mobile-Iron.
No dice so far
Still can't find anything on the net for this. If anyone can help answer this I'd greatly appreciate it.
I'd love to be able to check on emails without having to open and boot my laptop. Also, it would be great to have my calendar sync so I don't miss meetings.
Hey there XDA
So I was reading this article the other day that pertains to security and encryption on the Android Operating System
http://www.bibliotecapleyades.net/sociopolitica/sociopol_cia38.htm
Basically what is says is that even if you use encryption in apps there's nothing preventing people from accessing your devices mic or camera
But I was thinking what if you encrypt ALL outgoing traffic? Now I'm not the most well versed guy when it comes to technology but I've heard about for example SSH tunnels
So I found this guide on how to setup one on Android: https://www.howtogeek.com/121698/how-to-route-all-your-android-traffic-through-a-secure-tunnel/
Would this effectively encrypt all outgoing data?
Eklondh said:
Hey there XDA
So I was reading this article the other day that pertains to security and encryption on the Android Operating System
http://www.bibliotecapleyades.net/sociopolitica/sociopol_cia38.htm
Basically what is says is that even if you use encryption in apps there's nothing preventing people from accessing your devices mic or camera
But I was thinking what if you encrypt ALL outgoing traffic? Now I'm not the most well versed guy when it comes to technology but I've heard about for example SSH tunnels
So I found this guide on how to setup one on Android: https://www.howtogeek.com/121698/how-to-route-all-your-android-traffic-through-a-secure-tunnel/
Would this effectively encrypt all outgoing data?
Click to expand...
Click to collapse
Not really, setting up an SSH tunnel will only encrypt your traffic between your device and your server, at some point most traffic will have to enter the internet in just as secure manner as it does now so that you can view a website for example, it will add another layer of security, but really only useful for privacy from those on your local network or (if your server is outside your ISP network) from your ISP also (but you'd have to change your DNS servers also or they can get info from there about sites you visit)
Also non of that will stop the issue you mention above about gaining access to your camera, mic, files etc that to beat encryption they just have to gain access to your phone, that could be as simple as sending you a malware link to your email, Whatsapp or whatever, which you visit. Which seems to be what my mum did 2 days ago, there was a well crafted email that appeared to be from Genes Reunited making specific reference to her personal private data & contacts in her account so she clicked the link, now she has no internet access & other issues on tablet, but of course I can't log in to fix from here & she can't follow my instructions over the phone properly! The email password she gave me doesn't work (I wanted to examine the file she clicked on), though there was no confirmation via txt of password changed. So right now I'm not sure as could be related to the TalkTalk hacks.... Or just my mum! Rant over!
So in short no, ssl is not a simple solution
this might help. https://www.torproject.org/
"err on the side of kindness"
IronRoo said:
Not really, setting up an SSH tunnel will only encrypt your traffic between your device and your server, at some point most traffic will have to enter the internet in just as secure manner as it does now so that you can view a website for example, it will add another layer of security, but really only useful for privacy from those on your local network or (if your server is outside your ISP network) from your ISP also (but you'd have to change your DNS servers also or they can get info from there about sites you visit)
Also non of that will stop the issue you mention above about gaining access to your camera, mic, files etc that to beat encryption they just have to gain access to your phone, that could be as simple as sending you a malware link to your email, Whatsapp or whatever, which you visit. Which seems to be what my mum did 2 days ago, there was a well crafted email that appeared to be from Genes Reunited making specific reference to her personal private data & contacts in her account so she clicked the link, now she has no internet access & other issues on tablet, but of course I can't log in to fix from here & she can't follow my instructions over the phone properly! The email password she gave me doesn't work (I wanted to examine the file she clicked on), though there was no confirmation via txt of password changed. So right now I'm not sure as could be related to the TalkTalk hacks.... Or just my mum! Rant over!
So in short no, ssl is not a simple solution
Click to expand...
Click to collapse
Heh, **** man.. Hope she sorts it out
Now I think I've decided to use an SSH tunnel paried with RSA authentication for the time being, it seems good enough for me
mrrocketdog said:
this might help. https://www.torproject.org/
"err on the side of kindness"
Click to expand...
Click to collapse
Tor seems awesome
The proper way to achieve this is using a vpn which permits flexibility on the networking side. I use openvpn server on my home computer and i connect my phones to it. It is set to redirect all traffic through the encrypted tunnel which is forwarded to the internet through my home computer.
Now as noted before the information still goes out to the net at some point and comes back. Encrypting traffic does not help if you click on something malicious out there.
It does help to prevent the directly connected network to snoop on your actual traffic though. Handy when you connect to free wifi etc. Also you can filter traffic by application on the phone or by destination on the other side on the server.
Hi, I have a Samsung Galaxy S8+ which I purchased 3 or 4 months ago but I have never used it.
The device has been stored in a drawer because the first time I logged in I could not find a way to block Internet access for specific applications.
Now I would like to start using the device, but only if I can block Internet access (mobile data AND Wi-Fi) for specific applications.
I do not want to allow Internet access to applications like Contacts, Messages, Goople Play Store, Google Play Services, Gallery, etc., etc., etc.
So the question is:
How can I block Internet access (both mobile data and Wi-Fi) to all the applications I choose to? I am not talking about third party apps like firewalls... I want to block Internet access using the built-in (stock) apps/features/whatever... I mean by making use of the options that the device has by default.
Thanks in advance!
No there's no way to limit one app from getting to the Internet built into the phone. You could turn off the sync settings for some of them like Contacts, Gallery, etc.
I have to ask, why does it matter if those apps can get to the Internet? I mean how do you expect to install apps if you were able to block the Play Store?
Un-sync is the only thing you can do, https://play.google.com/store/apps/details?id=eu.faircode.netguard&hl=en is the other option.
What do you mean you can't? What about adhell2? As far as I know, it has internet permission for individual apps, and it doesn't need root...?
mjones73 said:
No there's no way to limit one app from getting to the Internet built into the phone. You could turn off the sync settings for some of them like Contacts, Gallery, etc.
I have to ask, why does it matter if those apps can get to the Internet? I mean how do you expect to install apps if you were able to block the Play Store?
Click to expand...
Click to collapse
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet ...
That's why it's so important to block them having Internet access.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
Google or any other companies are not my tutor or my parents (I'm old enough to have grand children). They should not have, simultaneously, access to my storage data, contacts, calendar, and Internet access to send out all those data and info...
My son has a Huawei P10 and that device allows the user to block Internet access to specific apps.
So if this Samsung device does not have a way to limit specific apps from getting to the Internet, then the phone is a spyware device...
With the due respect, only a completly fool would use such a compromised device.
Note: my biggest problem is not Google Play Store because it's an app which I could use without allowing permissions like "storage", "contacts", and such. But I don't use Google Play Store. I use F-Droid and (if needed) Yalp Store.
Niccolò Paganini said:
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet ...
That's why it's so important to block them having Internet access.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
Google or any other companies are not my tutor or my parents (I'm old enough to have grand children). They should not have, simultaneously, access to my storage data, contacts, calendar, and Internet access to send out all those data and info...
My son has a Huawei P10 and that device allows the user to block Internet access to specific apps.
So if this Samsung device does not have a way to limit specific apps from getting to the Internet, then the phone is a spyware device...
With the due respect, only a completly fool would use such a compromised device.
Note: my biggest problem is not Google Play Store because it's an app which I could use without allowing permissions like "storage", "contacts", and such. But I don't use Google Play Store. I use F-Droid and (if needed) Yalp Store.
Click to expand...
Click to collapse
I was gonna say maybe use tinfoil around your phone . If you decide you want to use internet on a specific app remove the foil. But IDK if it'll work though.
dalanik said:
What do you mean you can't? What about adhell2? As far as I know, it has internet permission for individual apps, and it doesn't need root...?
Click to expand...
Click to collapse
Hmm i'll have to look into that.
eddyo1993 said:
I was gonna say maybe use tinfoil around your phone . If you decide you want to use internet on a specific app remove the foil. But IDK if it'll work though.
Click to expand...
Click to collapse
Couldn't he just keep the phone in his tinfoil hat?
Mr. Orange 645 said:
Couldn't he just keep the phone in his tinfoil hat?
Click to expand...
Click to collapse
Yes he can. He can call it a phone accessory.
Take a look at "Datally: mobile data-saving & WiFi app by Google"
https://play.google.com/store/apps/details?id=com.google.android.apps.freighter
Sent from my SM-G955F using Tapatalk
gesbon said:
Take a look at "Datally: mobile data-saving & WiFi app by Google"
https://play.google.com/store/apps/details?id=com.google.android.apps.freighter
Sent from my SM-G955F using Tapatalk
Click to expand...
Click to collapse
If Datally allows control that'd be great. You can control an apps permissions, but none are directly internet.
Niccolò Paganini said:
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet ...
That's why it's so important to block them having Internet access.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
Google or any other companies are not my tutor or my parents (I'm old enough to have grand children). They should not have, simultaneously, access to my storage data, contacts, calendar, and Internet access to send out all those data and info...
My son has a Huawei P10 and that device allows the user to block Internet access to specific apps.
So if this Samsung device does not have a way to limit specific apps from getting to the Internet, then the phone is a spyware device...
With the due respect, only a completly fool would use such a compromised device.
Note: my biggest problem is not Google Play Store because it's an app which I could use without allowing permissions like "storage", "contacts", and such. But I don't use Google Play Store. I use F-Droid and (if needed) Yalp Store.
Click to expand...
Click to collapse
I guess I'm a fool because I don't care if Google is syncing my data so I could also get to it from my account via my PC..
Maybe you should stick to a Huawei P10 or a flip phone I guess...
Funniest thing ever!! He is complaining that his son can block internet access on his Huawei device, and then complains that his Samsung cannot due the same and therefore is a spyware device. EVEN THOUGH HUAWEI HAS BEEN PROVEN TO BE SPYING ON US CITIZENS BY THE FBI!! Like if u actually cared about your privacy you would stick with Samsung and stay far far away from Huawei
If you have root, use any firewall app available on Playstore such as AFWall+ or Droid Firewall
Niccolò Paganini said:
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet ...
That's why it's so important to block them having Internet access.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
Google or any other companies are not my tutor or my parents (I'm old enough to have grand children). They should not have, simultaneously, access to my storage data, contacts, calendar, and Internet access to send out all those data and info...
My son has a Huawei P10 and that device allows the user to block Internet access to specific apps.
So if this Samsung device does not have a way to limit specific apps from getting to the Internet, then the phone is a spyware device...
With the due respect, only a completly fool would use such a compromised device.
Note: my biggest problem is not Google Play Store because it's an app which I could use without allowing permissions like "storage", "contacts", and such. But I don't use Google Play Store. I use F-Droid and (if needed) Yalp Store.
Click to expand...
Click to collapse
Hello, i have same concerns with you. Have you find solution to this problem ?
Stock Samsung Apps like samsung music, calendar, camera etc. sending information to internet. I don't want this.
I used to use lineage os before, and this process was so simple. But now i have a s10e. I can't block internet access per apps.
Jail break your phone for true control (definitely worth it), everything you need to know is online. Tin foil ???
Found any solutions? I'd really be happy to find a way to do this without rooting my s10e.
And if you're only solution is still tin foil and think it doesn't make any sense, buy yourself a brain before answering please.
Kojackk said:
Found any solutions? I'd really be happy to find a way to do this without rooting my s10e.
Click to expand...
Click to collapse
Grab Activity Launcher on the Play Store (the one by Adam Szalkowski) and search for "Manage App Data. You can restrict access to mobile data and wifi on a per-app basis.
I was recently admitted to a company, and as an ease of accessing my e-mails and work schedule, the android "work profile" was made available so that I could have access to company information (such as e-mails, calendar, information and others) without having to receive a corporate cell phone.
However, my biggest concern is with the organization's access to my data. My organization that created the work profile, can have access to my browsing history, data on the device (such as photos, application files, etc.), time I spend using my cell phone, contacts, call logs, and other data personal profile?
I have already visited the google instructions page, but I was still unsure because my organization installed some network certificates and the warning "Your organization can monitor network traffic ..."
Another question:
If I leave a work profile app open in the background, and use my personal profile at the same time, can my organization have access to network traffic and consequently my personal information?
All questions, however redundant, are intended to clarify the details of the organization's access to my personal information
From now on, I am immensely grateful for the help and time you spent reading my questions.
You are holding a phone in your hands for which an organization has concluded a data plan contract and is paying for it. They therefore will have a legitimate interest in the network traffic on this device, unless it is a contract for unlimted bandwidth. Network traffic is triggered by apps / services , which can actually be read out: they simply have to install a HTTP/S proxy what is intercepting the HTTP/S traffic on any app housed on the phone.
jwoegerbauer said:
You are holding a phone in your hands for which an organization has concluded a data plan contract and is paying for it. They therefore will have a legitimate interest in the network traffic on this device, unless it is a contract for unlimted bandwidth. Network traffic is triggered by apps / services , which can actually be read out: they simply have to install a HTTP/S proxy what is intercepting the HTTP/S traffic on any app housed on the phone.
Click to expand...
Click to collapse
The phone is mine, and there is no plan
of internet hired by the company.
It's my personal cell phone, and for me to get
view emails and talk to people from
within the organization, I had to enable
the "work profile".
So I had my personal and work profile
on my personal device.
My question is: my company can see
my personal files and my online activity
in the "PERSONAL PROFILE"?
Fred964 said:
The phone is mine, and there is no plan
of internet hired by the company.
It's my personal cell phone, and for me to get
view emails and talk to people from
within the organization, I had to enable
the "work profile".
So I had my personal and work profile
on my personal device.
My question is: my company can see
my personal files and my online activity
in the "PERSONAL PROFILE"?
Click to expand...
Click to collapse
I created a second user on my phone named "Company".
If I do this it asks me if I wan't to turn on phone calls and SMS and then warns that
Call and SMS history will be shared with this user.
Click to expand...
Click to collapse
That makes sense, since I (as the owner) can decide whether or not other users of my phone can access that data.
I tried to access owners files via filemanager from "Company" account. I couldn't see anything.
I tried the same but via adb using a root shell -> I had full access to owners files.
Owner has a VPN active. I tried to access that VPN from within "Company". Didn't work.
Tried to access apps from within "Company" -> no luck.
Checked settings -> some are gone, some aren't. E.g. I can see my paired devices (paired from owner) when I'm in "Company" account.
Soo, to answer your question:
Fred964 said:
My organization that created the work profile, can have access to my browsing history, data on the device (such as photos, application files, etc.), time I spend using my cell phone, contacts, call logs, and other data personal profile?
I have already visited the google instructions page, but I was still unsure because my organization installed some network certificates and the warning "Your organization can monitor network traffic ..."
Click to expand...
Click to collapse
Access to browsing history, data, contacts? No.
Time spend? I don't know but in battery usage settings I can see how much battery has been used by the owner account.
Call logs? Yes, If you accepted that.
Your language? Yes.
About certificates: I don't know excactly what they do (I figured if you turn them off your device cannot connect to the internet anymore if that certificate is needed for that connection attempt) but you can go to Security -> Encryption & credentials -> Trusted credentials and turn them off while your in your personal account.
However: One questions remains: Does the profile your company created somehow differ from the one you can create manually via settings? I don't think so, so above things should be valid.
If that's an option you could also ask your company directly (even though I can understand if you might not want to trust them).