The biggest threat to Android security is the inability of normal users to control their firewall.
What? Android has a firewall?
No, of course not. But Linux has a firewall, and it's installed by default on every Android phone. If you don't have root privilege, it's useless to you -- everything is open. But if you do have root, the DroidWall app is a simple way to manipulate it.
You see, every Android app has its own UNIX userid. That's how cross-app permissions are enforced. And iptables can associate packets with the userids of the processes sending or receiving them. So DroidWall offers you a simple list of all of your apps, with checkboxes for allowing packets through via cellradio or WiFi (or both or neither).
Frankly, Android ought to ship with something like this.
1 comment
[ 4.5 ms ] story [ 12.2 ms ] threadWhat? Android has a firewall?
No, of course not. But Linux has a firewall, and it's installed by default on every Android phone. If you don't have root privilege, it's useless to you -- everything is open. But if you do have root, the DroidWall app is a simple way to manipulate it.
You see, every Android app has its own UNIX userid. That's how cross-app permissions are enforced. And iptables can associate packets with the userids of the processes sending or receiving them. So DroidWall offers you a simple list of all of your apps, with checkboxes for allowing packets through via cellradio or WiFi (or both or neither).
Frankly, Android ought to ship with something like this.
(Not the author, just a happy user.)