In order for a malicious application to phone out, you would have had to have granted that permission to the app in the first place. This is isomorphic to punching a hole in a firewall. Not sure what the firewall gains you here.
On Fri, Oct 1, 2010 at 3:27 PM, Patrick Vicens <[email protected]> wrote: > In hindsight, one thing to think about is whether an malicious application > can phone out from your phone. You could block anything that isn't > white-listed with the firewall, just a thought. > > On Fri, Oct 1, 2010 at 4:09 PM, Patrick Vicens <[email protected]> wrote: >> >> I agree that looking into the relevance of a firewall is something to >> think about. I personally agree with you, its more of a question of can it >> be done versus is it worth it. I will take some time to read up on the link >> you posted, should be helpful. >> >> On Fri, Oct 1, 2010 at 4:06 PM, Nick Kralevich <[email protected]> wrote: >>> >>> iptables is only configurable by root. Unless you're on a rooted phone, >>> configuring IP firewalls is not allowed. >>> But, stepping back. Why do you think you need a firewall? Android >>> doesn't allow listening ports by default, and this is enforced via the >>> Compatibility Test Suite (CTS) >>> >>> http://android.git.kernel.org/?p=platform/cts.git;a=blob;f=tests/tests/net/src/android/net/cts/ListeningPortsTest.java;h=ff6b4e9d9460b946893879f13bc3c1d16b73c001;hb=froyo >>> So, it's impossible to make an inbound connection to your phone. >>> Certainly, you could install an application which creates a new listening >>> port, or makes outbound connections. But then, why did you install the >>> application? What are you hoping a firewall will do? >>> -- Nick >>> >>> On Fri, Oct 1, 2010 at 12:04 PM, Patrick Vicens <[email protected]> >>> wrote: >>>> >>>> Anyone know about any implementations of IP tables on assorted android >>>> devices? Seems a lot of the security software claim to implement firewalls >>>> but avoid mentioning that they don't on android. >>>> >>>> Is iptables out of the box included? is it configured? Any applications >>>> for working with it? >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Android Security Discussions" group. >>>> To post to this group, send email to >>>> [email protected]. >>>> To unsubscribe from this group, send email to >>>> [email protected]. >>>> For more options, visit this group at >>>> http://groups.google.com/group/android-security-discuss?hl=en. >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Android Security Discussions" group. >>> To post to this group, send email to >>> [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/android-security-discuss?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
