Why are you installing a malicious application? Any application which can call out has the INTERNET permission, so you knew it would access the internet.
In essence, you can already block an application from using the internet by just not installing it. Firewalls could make this situation worse. A malicious application could install a firewall rule preventing your phone from getting OTA updates containing important security patches. A malicious intercepting firewall could modify and record all your traffic with a third party site, possibly stealing confidential data. I'm not sure firewalls provide any real value... -- Nick On Fri, Oct 1, 2010 at 1:27 PM, Patrick Vicens <[email protected]> wrote: > In hindsight, one thing to think about is whether an malicious application > can phone out from your phone. You could block anything that isn't > white-listed with the firewall, just a thought. > > On Fri, Oct 1, 2010 at 4:09 PM, Patrick Vicens <[email protected]>wrote: > >> I agree that looking into the relevance of a firewall is something to >> think about. I personally agree with you, its more of a question of can it >> be done versus is it worth it. I will take some time to read up on the link >> you posted, should be helpful. >> >> On Fri, Oct 1, 2010 at 4:06 PM, Nick Kralevich <[email protected]> wrote: >> >>> iptables is only configurable by root. Unless you're on a rooted phone, >>> configuring IP firewalls is not allowed. >>> >>> But, stepping back. Why do you think you need a firewall? Android >>> doesn't allow listening ports by default, and this is enforced via the >>> Compatibility Test Suite (CTS) >>> >>> >>> http://android.git.kernel.org/?p=platform/cts.git;a=blob;f=tests/tests/net/src/android/net/cts/ListeningPortsTest.java;h=ff6b4e9d9460b946893879f13bc3c1d16b73c001;hb=froyo >>> >>> So, it's impossible to make an inbound connection to your phone. >>> >>> Certainly, you could install an application which creates a new listening >>> port, or makes outbound connections. But then, why did you install the >>> application? What are you hoping a firewall will do? >>> >>> -- Nick >>> >>> On Fri, Oct 1, 2010 at 12:04 PM, Patrick Vicens <[email protected]>wrote: >>> >>>> Anyone know about any implementations of IP tables on assorted android >>>> devices? Seems a lot of the security software claim to implement firewalls >>>> but avoid mentioning that they don't on android. >>>> >>>> Is iptables out of the box included? is it configured? Any applications >>>> for working with it? >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Android Security Discussions" group. >>>> To post to this group, send email to >>>> [email protected]. >>>> To unsubscribe from this group, send email to >>>> [email protected]<android-security-discuss%[email protected]> >>>> . >>>> For more options, visit this group at >>>> http://groups.google.com/group/android-security-discuss?hl=en. >>>> >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Android Security Discussions" group. >>> To post to this group, send email to >>> [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]<android-security-discuss%[email protected]> >>> . >>> For more options, visit this group at >>> http://groups.google.com/group/android-security-discuss?hl=en. >>> >> >> > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]<android-security-discuss%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
