Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Android Privacy Security Your Rights Online

Marlinspike's Droid Firewall Kills Tracking 164

mask.of.sanity writes "The first dynamic Android firewall, dubbed WhisperMonitor, has been released by respected security researcher Moxie Marlinspike. The firewall will allow users to stop location-tracking apps and restrict connection attempts by applications. Marlinspike, whose company created the application, designed WhisperMonitor in response to the incidence of location tracking and malware on Android platforms. It monitors all outbound connection attempts by applications and the operating system, and asks users to permit or block any URLs and port numbers that are accessed."
This discussion has been archived. No new comments can be posted.

Marlinspike's Droid Firewall Kills Tracking

Comments Filter:
  • Like the phone itself? The applications aren't the only thing sending out the data..

    • by sherpajohn ( 113531 ) on Wednesday May 04, 2011 @03:45AM (#36021584) Homepage

      What do you mean "the phone itself"? What else is sending out information but applications? Little elves hiding in the keypad? Sorry, I don't understand what you mean...an android phone is a device running the android OS - I would expect everything to be an application, even the part that connects to your mobile provider. Maybe I am looking at it the wrong way.

    • It does spark the imagination as to what might be lurking inside these phones. Could they be chipped to spy on us without anyone knowing it? Do you know what each component is in that little phone? Does anyone? And even if you did know what components they are, who's to say "they" didn't slip in a chip disguised as something else. You would have to monitor the phone's output to see if it's broadcasting anything beside what it normally should. Then you have to consider, that it's function might be "on demand

      • Could they be chipped to spy on us without anyone knowing it?

        They don't have to chip it, there's an app for that [cnet.com] too, and it has been around for at least 5 years.

        Now what I could fathom them taking the risk of exposure for is the camera. Imagine being able to access any cell phone with a camera, browse its contents, or even activate it secretly.

        They can, and do

        Moral of the story, is don't carry a cell phone, monitor your home's security 24/7 to check for intrusion, do regular bug sweeps, don't talk or do business in your car, and never ever trust anyone. Your wife and kids and most trusted friends will be used as spies against you.

        ...or you could just put on your tin foil hat and call it a day.

        • by mlts ( 1038732 ) *

          It is possible, but once someone brings pictures and recorded conversations out in a trial obtained that way, there would be a mass uproar:

          People would start powering off their cellphones. Others would take apart the device and cut the solder traces to the cameras, snip the microphones, and use BlueTooth for all conversations. Enterprising companies will make cases out of metal and foam to guarantee the mic and camera won't pick up anything. Other cellphone case makers will make cases where only the wire

          • It is possible, but once someone brings pictures and recorded conversations out in a trial obtained that way, there would be a mass uproar:

            You mean, like in United States v. John Tomero [politechbot.com], as the grandparent referenced? I missed the uproar.

  • by dltaylor ( 7510 ) on Wednesday May 04, 2011 @03:32AM (#36021536)

    I used to use ZoneAlarm on Windows (still a version on my Win2K Starcraft PC), and tried NetBarrier for the PPC Macs. Both worked similarly, and I thought ZA was the greatest addition to Windows, ever.

    Sounds like my impending Color Nook will be getting one of these, day 1.

    • by Artifex ( 18308 )

      As an aside, if you have any machines running OSX these days, you should look into getting Little Snitch. Love it; it's been eye-opening to see how often and where browsers call home when they're started, now, for instance.

      • by cheros ( 223479 )

        Used it. Little Snitch has IMHO one major problem: they decided that it should use the Macs voice system if you go into FrontRow, and it's not optional - there is no way to disable it at. Voice rendering on computers is a pet hate of mine (and Apple's system is pretty bad), so the fact that LS decided all on its own to use this was enough to start seeking an alternative.

        I switched to Hands Off [metakine.com], which has the added advantage that I can have it monitor what applications do with my hard disk as well. And th

        • The hands-down best firewall for OS X (and other BSDs) is ipfw. No pointy-clicky though, so most Mac users won't use it.
          • by cheros ( 223479 ) on Wednesday May 04, 2011 @06:10AM (#36022232)

            No pointy-clicky though, so most Mac users won't use it.

            I was building BSD firewalls based on Gauntlet more than 2 decades ago :-). You have two extra problems with ipfw - you need to know upfront what you're going to shut down or allow and it requires a lot of expertise that is not available to your average user.

            In my case, you can add that I can no longer be bothered with hacking around in a box, I want the damn thing to work so I can get stuff done. Both LS and HO pop up when they have a question, but leave me otherwise to work. FIne by me..

            • In my case, you can add that I can no longer be bothered with hacking around in a box, I want the damn thing to work so I can get stuff done. Both LS and HO pop up when they have a question, but leave me otherwise to work. FIne by me.

              Actually, configuring ipfw is incredibly simple. Beyond most OS X users probably, but anyone who can install and configure *BSD will not be daunted by the five minutes or so it takes to set up ipfw. :)

              But of course your choice is valid and requires one to know or remember alm

            • by Hatta ( 162192 )

              I was building BSD firewalls based on Gauntlet more than 2 decades ago

              Your TTL is running out. Packet is about to die!

          • The hands-down best firewall for OS X (and other BSDs) is ipfw.

            Nonsense, the best firewall for other BSDs is pf [wikimedia.org]. Apparently it's also going to be the best firewall in OS X 10.7.

            • I prefer ipfw (Altq is a major advantage IMO), but it's a bit like arguing about vi vs emacs -- either will do the job, just depends on how you like to work.
        • by Xyde ( 415798 )

          You Disable it by going into rules and allowing Front Row...what did you expect?

  • by Anonymous Coward on Wednesday May 04, 2011 @03:45AM (#36021594)

    Not dynamic, but allows you to setup white/black lists of application to access 3g or wifi network.
    Does a good job. You just have to remember to add new apps to the white list of you want to allow them access to a network.

    http://code.google.com/p/droidwall/

    • Yep, WhisperWall is the _Second_. I've been running DroidWall for months.
      • by mlts ( 1038732 ) *

        I'd say DroidWall has been out at least a year. It has done so far an effective job at keeping apps from phoning home.

        It would be nice to have a utility that offers the ability to keep apps away from the ability to get GPS info, either coarse or fine. This way, an app can do what it needs to, but when phoning home with whatever info it can find, it will either get the coordinates of some random place, or none at all.

    • Yes, but did it include the OS? I think this is the difference in this application.
    • I've been using Droidwall for quite a while, and I'm going to keep using it for one primary reason - you can choose whether to allow apps access over wifi, 3g, or both. I'm mainly interested in limiting what apps do when I'm using mobile data.

      I really hate that it doesn't pop up a notification when it blocks something new, though. Every time I install a new app I forget to enable it in the Droidwall settings, and it sits there not able to connect until I remember.

      In fact, the whole interface for Droidwall i

  • Which is why i like my mobile phone to remain a mobile phone and not a mini-computer subject to the same problems that plague PCs. We already have malware and other crap for mobile devices and the need for firewalls.... bet the anti-virus companies are wetting their pants over the move from mobile phones to mobile computers.

    If i find myself in an emergency situation i'd like to be sure my mobile phone is working and not suffering from a plague of outbound traffic sending spam to half the world.

    • SMS of Death [schneier.com]

      Bad coding is ubiquitous on all devices running any software. Remember that these are consumer end devices and not scrutinised in the same way as, say, military software is.

      Oh, wait... [slothmud.org]
    • by jc42 ( 318812 )

      Which is why i like my mobile phone to remain a mobile phone and not a mini-computer subject to the same problems that plague PCs. We already have malware and other crap for mobile devices and the need for firewalls.... bet the anti-virus companies are wetting their pants over the move from mobile phones to mobile computers.

      So you still have an analog mobile phone? Do they still make those? ;-)

      Seriously; all digital phones are small computers. If one has a UI that only does phone calls, that's fine for customers that want that, but inside, there's still a cpu chip and a pile of software. It may be slow and have not much memory, but it's still a programmable computer. With a phone-only UI, it really just means that you have no way of discovering what other software the vendor might have filled it with.

      One of the other

  • It's only available as a 0.3 Beta for Nexus S and Nexus 1.

    The Installers are only for Windows 7 (64Bit) and Linux 64Bit (and OSx).

    It's a great idea. If it continues to be free, I'll install it when it becomes available for my HTC...

    • Re: (Score:3, Informative)

      by Anonymous Coward
      The 'installer' wipes your ROM and replaces it with their own. It isn't an app installer.
      • It's 85Megs (windows x64 installer).. unless they cut out a lot of standard apps as well, I think there's something else to it. Maybe I'm wrong and it is just a custom done ROM, as I'm use to the Galaxy S ROMs (which typically are 130-200MB)

    • by Sancho ( 17056 ) *

      I got to your comment and was pretty disappointed. My fault for trusting a Slashdot headline, but "Droid" is a particular line of Android phones from Verizon (the kind I have, incidentally.) So I guess this is useless to me.

      Thanks, guys, for your lovely reporting.

  • by AtomicJake ( 795218 ) on Wednesday May 04, 2011 @04:22AM (#36021758)

    Excellent news for Android users. I guess that Apple would never accept a similar App for the iPhone - it might disturb the user experience.

    • It is not in the marketplace. And it replaces the whole OS with a modified full disk encryption mod. But here is no uninstall path yet.
    • And that user experience will stop this being useful for anyone except the geeks. Once you click the "allow" button with the "always do this from now on" tick box checked, then your app leaks data for ever. You may legitimately want super-whizzo-local-knowledge-app to know your location when you use the app, but not so much when it's hidden away in the background (or otherwise not immediately in use).

      This is a good step forward, but I doubt it'll solve the problem entirely.

      • by mlts ( 1038732 ) *

        Also, if an app that doesn't do anything nasty has access to items, who knows if a future update pushed out with more malicious code may affect people. A lot of people automatically update their devices, and the SMS archiver that works perfectly with the v1.0 copy is spamming contacts at random with the 1.0.1 rev.

    • by chihowa ( 366380 ) *

      I guess that Apple would never accept a similar App for the iPhone - it might disturb the user experience.

      That's true, but there's one available in Cydia for jailbroken phones. Called Firewall IP [saurik.com], it works pretty well.

  • The issue with Android is it is an advertising platform. But imho with a strangely bad implementation... At least in hindsight.

    I like my HTC, but sincerely hate all the programs that "require" full internet access. The reason given is ads, which I am often alright with: I get stuff "for free" that I don't care enough to pay for (games, rarely used tools, apps I can easily live without). The problem is one newer knows what else they use this unrestricted access to. Much of this doubt could be removed if Goog

  • I mean I can see the benefit of being able to install an app that requires data permissions without the data, but this really should be something built into the operating system. Then again, perhaps a built-in firewall would be too much...
    • by green1 ( 322787 )

      This is something that's always bugged me on my android, every time you install an app it lists which permissions it requires, and then gives you the choice of allowing them all, or not installing the app. Why can't I choose to allow/deny any one of those permissions for any app?

      Why can't I say, yes I want the app, yes I want it to access my SD card, yes I want it to take pictures, no I don't want it reading SMS messages, no I don't want it accessing the internet.

      Let the apps ask for whatever permissions th

      • It would be rad to pick and choose. And even if the apps are programmed poorly that they require access, the android OS could supply some API/system calls with your choice of random/empty/fixed data. E.g. an app wants Fine GPS acess, but doesn't need it for anything but advertising. Great, just feed it the south pole every time it asks.

  • by TractorBarry ( 788340 ) on Wednesday May 04, 2011 @05:02AM (#36021938) Homepage

    > "It monitors all outbound connection attempts by applications and the operating system, and asks users to permit or block any URLs and port numbers that are accessed."

    Excellent. + 100 this is the way things should be !!!

    I've been yammering on about this for ages now without being able to get any Linux devs interested. As far as I'm concerned without such a feature Linux is a dead duck as far as being an operating system suitable for the home user. I've stopped putting Ubuntu on peoples machines due to the complete lack of such a firewall. And no. IP tables and Firestarter etc. are not the same thing *at all*.

    The end user should always be given the final decision before *ANYTHING* on the computer is allowed internet access. This single feature of the Zone Alarm firewall on Windows has allowed numerous "non computer savvy" friends and relatives to realise they have a problem well before malware has been able to phone home. Not to mention blocking all the crappy "auto updaters" and other such crap that idiots have started putting in their Windows apps.

    1 The people who write Zone Alarm for Windows get it.

    2 Moxie Marlinspike gets it.

    3 The Linux devs simply do not get it. They seem to believe we live in Magic Fairyland where no program would ever do anything malicious and anything should be able to connect out without the user knowing about it. "But we're only fetching cover art/some other stuff". No you're reporting information to a third party that I do not wish sent thank you very much.

    Without this simple feature your computer is simply a digital spy silently allowing any program to send any information it wants anywhere in the world.

    Totally unacceptable in 2011. All machines should have firewalls that allow the user full control of what applications are allowed to talk to the local network and/or the internet.

    • by Zebedeu ( 739988 )

      While I agree with you on principle, I think in practice these types of programs bring a lot of grief.

      I once visited the house of a friend who was having trouble connecting to the internet. Turned out ZoneAlarm (or a similar program) popped up a dialog asking if he wanted to block Windows networking (not by that name, but the library which controls it) and he said yes.

      Of course there are ways around that. For example, the firewall program should've had networking whitelisted, but even then people will try a

    • Considering there's nothing as feature-complete as IPtables on Linux, I think your best bet is to learn that rather than rely upon some limited GUI interface.
      • by Luckyo ( 1726890 ) on Wednesday May 04, 2011 @05:57AM (#36022146)

        Considering there's nothing as feature-complete as IPtables on Linux, I think your best bet is to learn that rather than rely upon some limited GUI interface.

        I think you just underscored his point of linux not being usable for a desktop. Modern desktop should NOT, EVER rely on command line interface for anything aimed at end-user if it is to be usable.

        There is a reason why we don't use rotary diallers in smartphones. There's a reason why we don't use command line interface on average home desktop machines (and no, your home machine is NOT average by any margin any more then a rotary dialler phone is if it's using linux).

        • by clang_jangle ( 975789 ) on Wednesday May 04, 2011 @06:29AM (#36022348) Journal
          There's a reason the CLI remains the first choice of admins and coders, too -- it's the most powerful interface. It won't be going away in the next fifty years, and may still be with us in a thousand. Users who think "the computer needs to learn me" rather than the other way around will always have a low ceiling on their competence level and will always be frustrated.

          As far as the "not usable" BS, really who cares? Competent people use *nix, most people are not competent. It's old news, and I really don't care what you use, frankly. Just trying to be helpful...
          • And you can crow on about power all you want, users need ease of use. People are not experts in all devices and cannot be expected to be. Neither are you, for that matter. I'm sure in short order I could find many devices you use that you have little understanding of how they work, and that an easy to use interface is important to your like of the device.

            The attitude that everyone should be "competent" and willing to be a tough guy with computers is silly. No, things should be made easy for humans. The poin

            • The truth is that unskilled users have very little value to the *nix community at large, and virtually no value whatsoever to the FOSS dev community. Harsh reality, but that's how it is. If you want to use DefaultOS (windows) then there are tons of very user-friendly tweaks available because it's a ubiquitous system. If you want to use something better which is open and free the bar is higher. Clear it or don't, it makes no difference to me. There's a vocal minority of Linux zealots who make people think w
          • by Luckyo ( 1726890 )

            It won't be going away in the next fifty years, and may still be with us in a thousand. Users who think "the computer needs to learn me" rather than the other way around will always have a low ceiling on their competence level and will always be frustrated.

            Are you competent in what to do when your car doesn't work as it should? Are you competent in how to fix your refrigerator? Your oven? Your piping? Toilet? Carpentry? Windows (physical ones)?

            You are a professional in a narrow field of computer sciences. You are a user of massive amount of other appliances that you have NO COMPETENCE whatsoever in. By your logic, cars should still require you to be a certified mechanic, like it used to be in 1930s, you should not have any plumbing at your home if you don't k

            • You sure do like making erroneous assumptions, don't you? :D I grew up on a farm, and can assure you there is very little technology in my life which is mysterious to me. When your choices are "make it go or starve" growing up, you learn to be pretty darn capable with pretty much any kind of machinery.

              Reality is, this isn't dark ages any more.

              It is for all you helpless people who don't like to learn anything.

        • A push button dialler has _more_ functionality than the older rotary dialler (at least additional items "#" and "*")
          The transition from rotary->push button is simply one of mechanical reimplementation, not of simplification.
          Now we have address books, how would people feel if you _only_ had address books, you couldn't add any new numbers you could only choose from the numbers that were somehow "blessed" by your tellco or phone manufacturer. That is a more accurate comparison to the iPodification of tech.

          I

          • A funny thing about that... When I was new to Linux and FreeBSD I often got frustrated with inadequate, semi-or-non-functional GUIs and used to think, "when I learn a little more I'm going to fix that". But then eventually I realized the CLI is where it's at. Once you learn enough of it to become resourceful enough to get by usually referring only to man pages, --help, and STFW you might come to a point where you don't want to go backwards, and that trying to achieve everything you like in a GUI is usually
        • by Anonymous Coward

          > Modern desktop should NOT, EVER rely on command line interface for anything aimed at end-user if it is to be usable.

          Oh, BS. This mentality is why the internet is the spam infested cesspool that it is. As long as we cater to people who refuse to learn things, who are proud of their stupidity, there will always be the kind of problems we see today.

          Thirty years ago everyone using personal computers was using the command line because _that is all there was_. Have people become dumber since then? I doub

        • CLI = granular control, GUI is inherently less granular.

          Most end users don't need granular control, they need to be given simple sets of choices.

    • by irp ( 260932 )

      You are of course absolutely correct... Except you are missing who-is-who: You are not the end-user. You are the product! :-)

      Advertisers are the end-user, they pay for your apps, for your Gmail, and for each and every search you do on Google search... Your phone is just an extension of this package.

      I still agree with you and think Google have made a horrible implementation in Android: We SHOULD be able to deny an app full internet access. The app should still function, but just get a "not connected" excepti

      • Ads should be presented...

        No, they should not. That's the problem with android in a nutshell -- it's TiVo-ized Linux turned into an advertising platform, provided to you via your carrier and a ginormous advertising company. Do not want.

    • On linux we have AppArmor, we have possibility to distinguish PIDs in ip tables (already used for traffic shaping by Peer-2-peer aficionados), ...

      The problem is not the technology, the problems are different :
      - The main one is the interface. Someone has to write something which is user-friendly enough.
      - The other problem is the massive amount of executable existing on Linux. ZoneAlarm works well on windows, because of its rather monolithic structure. There aren't that many process needing to be controlled.

    • by ron_ivi ( 607351 )

      Can SELinux do much/most of what you're asking? The SELinux "sandbox" utility has some examples of restricting network access on an application-by-application manner.

      For example, this firefox can access the internet:

      sandbox -X -t sandbox_web_t firefox

      and this one can't:

      sandbox firefox

      If you set up selinux policies that restrict most applications by default, it should cover that "cover art" use case you mentioned.

    • Uhm, wrong. A hostile userland program that can execute arbitrary code has ALREADY WON. There's nothing a "personal firewall" can do. Even if that firewall of yours would look at which process started the connection, there are many, many ways to control a process that is allowed. Both on Unix and on Windows.

      You'd need a sandbox of some kind: a virtual machine, a separate user who can't directly access the network, a quasi-user (like a selinux role), etc. On Windows, even separate users are not enough if

    • The Linux devs simply do not get it. They seem to believe we live in Magic Fairyland

      I don't think you get it. Who is "they"? Linux isn't a brand and it's not a company. There is no such thing as "The linux devs" except the linux kernel developers. There's literally thousands of different unrelated teams working on linux packages. Frankly I have no idea who you're talking about. Linux has the support for what you're saying, someone just needs to develop it. There are/were developers for a similar tool, maybe you should talk with them. If they ever got somewhere good, maybe they'd be

    • by mjwx ( 966435 )

      1 The people who write Zone Alarm for Windows get it. 2 Moxie Marlinspike gets it.

      I get it.

      3 The Linux devs simply do not get it.

      They get it too.

      The end user

      They don't get it.

      Totally unacceptable in 2011. All machines should have firewalls that allow the user full control of what applications are allowed to talk to the local network and/or the internet.

      The problem is the end user will scream bloody murder if they have to do anything to get access to their precious pron and emails. If they have to think for them

  • by Compaqt ( 1758360 ) on Wednesday May 04, 2011 @05:08AM (#36021960) Homepage

    What happened to "appliances"? Set it and forget it?

    Now it's going to be Windows all over again:

    My phone's too slow, buy another one.
    -reinstall OS
    -upgrade OS
    -install antivirus
    -check for rootkits

    • you don't have to buy a "smart" phone, you know that right? Personally, having had one for a year, I would NEVER go back the convenience of a "pc" in my pocket outweighs the annoyances 1000 to 1 ...

  • While it is less detailed and has no popups, it is open source and works rather well:
    http://code.google.com/p/droidwall/ [google.com]

    The main difference being that DroidWall is all or nothing.

  • ... Nexus One and Nexus S phones. Wow, what a let down. Says "More devices coming soon..." but you can pretty much count that they can't support all - or even most - devices, so this isn't an Android thing, it's a Nexus thing. Chances are it requires root which is why they can't support anything other than Nexus right now.
    • The above being said, they should release steps for integration with custom Android ROMs so developers like myself can extend support for this to ALL devices, not just ones of their choosing.
  • I (still) have a Nokia Symbian based phone and turned off all email updates, GPS map updates etc before going on a trip to China. After one week I got an SMS warning me of large "roaming charges" despite only using the phone for sending a handful of SMSes. Either I missed some automatic update/sync that should have been turned off (unlikely) or the phone checks/updates something which can't be turned off.

    Either way, a firewall application would have helped me to:
    A) Be sure the phone isn't auto-doing anythin

    • by Zebedeu ( 739988 )

      I don't know about Symbian (or whatever OS you had running in your Nokia), but Android, and I believe iOS has an option to disable the data connection as soon as the phone begins roaming.

      That checkbox is checked by default In Android, and if you try to uncheck it, a dialog box pops up explaining that you risk very high data rates while roaming.

  • by Kamiza Ikioi ( 893310 ) on Wednesday May 04, 2011 @06:32AM (#36022366)

    FTA, only has installs for Nexus One and Nexus X, and installer comes in Windows, OSX, and Linux... and it looks like they're all 64bit installs only. Very limited. And there is DroidWall, which is available on the market, but I believe you need a rooted phone (which is probably true for any decent firewall). I use DroidWall and it's fantastic. It let's you choose to allow not just an app, but how it connects. You can, for instance, block Pandora on 3G, but not Wifi.

    • by Timmmm ( 636430 )

      That's because it replaces some of the android OS, and it needs a desktop installer to unlock the phone and push the files over adb.

      Tthere is also no uninstaller at the moment - you have to reflash the original ROM.

  • Virtually nobody will want to use a phone that requires something like that. I say that as somebody who just dumped Windows 7 at work because the corporate setup is so laden with virus scanners, encryption software, and Corporate Big Brother spyware that it's virtually unusable - both the computer and the user do little else than maintain the computer!

    If google doesn't figure out a way to make this unnecessary, it will be a huge advantage for Apple, because their "walled garden" reduces the need dramatic

    • by mlts ( 1038732 ) *

      Google has too much at stake for Android to get known for malware.

      Malware on Android is rare. Otherwise, if malware were common, you would hear screaming from friends and friends of friends almost everywhere.

      Take Windows, if it isn't a friend, it is a friend of a friend, or an acquaintance of a friend who has an infected machine. Android is nowhere near this point yet. If one person gets their phone infected, they will be telling everyone they know, so word would get out. As of now, there are rumors abo

  • Then it can run like shit like a windows desktop with the added bonus of a shortened battery life.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...