Your mobile device NEEDS firewall profiles
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
Do not connect to work or school WiFi networks?
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
Surely the simplest approach is not to use a wifi ssid that you don't trust. Yes, mobile broadband is slower and more expensive, but is also more under your control, it is however harder for your boss to monitor.
If I was an it manager I'd probably want to keep an eye on WiFi traffic, even on the open ssid, just to see what's going on. I don't trust free WiFi.
If you can't use 4/5g, and can't find a suitable firewall or VPN, can you set up a different user on your phone? - and be disciplined in is use.
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
fuck all the bosses that would try to excert control over my phone
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
GrapheneOS has the profiles that you are asking for.
-
GrapheneOS has the profiles that you are asking for.
Yeah, Graphene is really great
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
That's something that always bother me (Especially with Android), why that fuck can I not choose which networks can my apps access if access at all???
Is my device damn it! And I know Android supports is just locked away from users -
Do not connect to work or school WiFi networks?
Hey that's my solution
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
Just fire up a VPN
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
is this post a question?
-
is this post a question?
It's me asking if there's any firewall out there that supports profiles. I've learnt graphene has this functionality, that's become one option to go with.
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
If you do use a firewall, and then use a VPN, your connection to a VPN server will still show up right?
-
Hey that's my solution
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
Afwall+ (paid version) has tasker integration i think?
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
For the record, in almost all versions of Android you can install apps in a isolated environment through Shelter. Apps in this environment get icons in your home screen just like the rest, but don't share the vpn/firewall connection that you might have active through RethinkDNS, among other things.
You effectively have two sets of apps with different firewall settings. And if you figure out a way to automate the locking down of RethinkDNS (through something like Tasker or Schröder's Automation,) you would effectively have a mechanism that only lets the small number of apps in the isolated environment work while connected to an untrusted network.
-
Does the school you go to need to know that you have the Signal app installed on your phone, checking with the Signal servers in the background for new messages? Even if you chose to use a VPN to tunnel your traffic entirely, is there no other option but for your employer to witness you connected to a foreign VPN server? If you connected to a point at your home, even that could be interpreted that you have something hide.
You could have two phones with different sets of apps in your pocket (one for “business” and one for everything else), but you if you don’t want that you have to ask:
Is there a firewall for Android that can block your usual traffic from leaving the device, by turning on a specific profile based on something like the WIFI name? There are quite a few traffic blockers, such as RethinkDNS, Netguard, or myPersonalDNS, but they assume you want to block the same set of traffic regardless of time and place.
Netguard also has a separate lockdown mode (which only enables a few apps, or none, to go through) that if toggled automatically based on connected network would enable you to dictate which apps can use untrusted networks.
While there are lots of apps that automate some sort of action based on the name of the WiFi network, activating the lockdown mode in Netguard is more specific, and I doubted if it's even possible. To start, I came up with a Termux command invocation that toggles the lockdown mode in Netguard. After customizing the quick settings (near the notification area) this
adbcommand confirms that this method for toggling Netguard's lockdown mode really works:adb shell cmd statusbar click-tile eu.faircode.netguard/.WidgetLockdownDefault Termux doesn't request the necessary permission which impeded the command from running, however:
java.lang.SecurityException: StatusBarManagerService: Neither user 10472 nor current process has android.permission.EXPAND_STATUS_BAR.So this is where I'm at, I could probably just use Tasker to like some people do to run the
cmd statusbarcommand, but I also wanted to call some attention to the issue report on the Termux repository regarding this permission. -
System shared this topic on
