Related
Hi
Wonder if you guy's can help. Just got a sim free defy and have noticed it seems very data hungry from the off.
Installed a data app and its saying im using 5 mb + a day.
What is it doing, to use all this data all i seem to have done is put my location in the weather app thats built in, logged on to my face book and thats about it. oh and set up my o2 email account.
Cant seem to find how to limit the size of email download in the accounts.
How can i monitor each individual program and find out which ones causing the problem.
Dave
doliver55 said:
Hi
Wonder if you guy's can help. Just got a sim free defy and have noticed it seems very data hungry from the off.
Installed a data app and its saying im using 5 mb + a day.
What is it doing, to use all this data all i seem to have done is put my location in the weather app thats built in, logged on to my face book and thats about it. oh and set up my o2 email account.
Cant seem to find how to limit the size of email download in the accounts.
How can i monitor each individual program and find out which ones causing the problem.
Dave
Click to expand...
Click to collapse
you could try setting up something on 'data manager'
Whats everybody else's usage average out each day only asking cause its my works phone sim and don;t want to get stung for data usage.
Today it's 2,76MB, though I've used 1,39GB over the last month.
I have 3GB included in my contract. couldn't care less about traffic ...
but if you want absolute control install droidwall and see what connects to the internet.
doliver55 said:
Whats everybody else's usage average out each day only asking cause its my works phone sim and don;t want to get stung for data usage.
Click to expand...
Click to collapse
An Android phone was a mistake if you're looking to avoid heavy data usage.
my average is about 30 mb on weekends (out of wifi range) and like 2 mb on weekdays as I'm on school holidays and moslty always in wifi range
[UT] X-RAY said:
I have 3GB included in my contract. couldn't care less about traffic ...
but if you want absolute control install droidwall and see what connects to the internet.
Click to expand...
Click to collapse
Cheers for the droidwall tip, seems a good way of restricting a lot of things
I also observe that Android sometimes produces traffic without an order to do so. 3gwatchdog counts the traffic and shows the origin-applications, some are just google or motoblur stuff but without any option to deactivate traffic or updates or whatever they're doing.....
mrt3k said:
I also observe that Android sometimes produces traffic without an order to do so.
Click to expand...
Click to collapse
Of course, the OS is designed to be used with an always-on data connection.
If you don't have one of those, an Android phone is not a good idea.
I do have unlimited traffic, but a speed limitation after 200 MB to 64kbit/s which isnt fun anymore.
Thats the problem of the big ans usually good providers in Germany, even the highly priced agreements have that little traffic included.
Thus, I think it should be possible to deactivate useless data traffic even in Android, mh? There should be some options that deny traffic usage in general and also for single apps. (btw. I tried droidwall, but some apps tunneld the firewall and produces traffic anyway!)
mrt3k said:
Thus, I think it should be possible to deactivate useless data traffic even in Android, mh?
Click to expand...
Click to collapse
There are ways to completely disable data usage but I'm, not sure it's possible for individual apps.
But, like I said, if heavy data usage is a concern, Android is not the right OS for you.
Ignore Step666 his talking crap, android is a good OS even if ur not connected all the time, (I dont even use 3g connection, I mostly use only wi-fi) ..not everyone hangs on facebook all day or needs those weather widgets and stuff like that... really depends on a user.
but if u have a problem with heavy data usage i can help
-first a program that will help u monitor your usage (u can also reset counters monthly) - try traffic counter extended, there are also other apps that help u limit how much data u can transfer over wifi/cell
-second i think droidwall is the app u are looking for
(its a firewall for Android. This is for users that don't have an unlimited data plan. It allows unrestricted WiFi access, however it blocks all access over the cellular network unless you add the application to the whitelist.)
Also, try disabling auto sync on the power control widget.
Peglezn said:
Ignore Step666 his talking crap...
Click to expand...
Click to collapse
No I'm not.
The fact you're having to install third-party apps to prevent the phone from automatically connecting to the internet merely proves my point - it is designed to be used with an always-on internet connection.
there was a third party app called DROIDWALL...it allows you to block all the unwanted apps from connecting with internet.. and yes it allows only specific apps to be blocked..
yeah use droidwall, its easy - set it to "white list (allow selected)" then select the google system apps and the apps you like to have internet access, any new apps you install wont get net access unless you add it to the white list, making it easy to manage.
you can also restrict wifi and/or 3G per app.
nice for apps like notepad that somehow need internet access.
Thanks for your ideas.
I did already use Droidwal for some time, but it did not function properly.
I blocked certain apps and for some time I blocked all apps, includig system apps. And what happened? There was data usage by any program, at least the traffic counter showed traffic usage. Thus, it seems not to block really what I set to block. :-/
Thx for the tip with Droidwall! Works great
mrt3k said:
...Thus, it seems not to block really what I set to block. :-/
Click to expand...
Click to collapse
I had to apply the rules manually... Did you try?
What do you mean by "manually"? You can manually set apps to white- and blacklist, yeah, or what u mean?
so i just my new galaxy nexus and to check my work email (through an app called lotus), it checks my phone to make sure i have a 10char+ complicated password set. as you can imagine, having to enter a 10char+ complicated password everytime you want to get to your phone is annoying. is there a way to bypass this? i am rooted...
The password is thought, to kep the phone safe. Just make an easy password, and leave it be. And why not just use the mail app, that is shipped? It's good enough.
familyguy59 said:
The password is thought, to kep the phone safe. Just make an easy password, and leave it be. And why not just use the mail app, that is shipped? It's good enough.
Click to expand...
Click to collapse
company requires us use lotus and requires password to be extra strong
unknown00 said:
company requires us use lotus and requires password to be extra strong
Click to expand...
Click to collapse
So let me make sure this is clear: You are asking for help on bypassing security enforced by your employer, without discussing it with the administrative/tech support team? You are aware that many businesses have clauses that if you bypass their security, you can loose your job over it.
Honestly, I would attack this problem from the other end. Go to your manager and put a business case on why having such a strong password on a mobile device is not needed. Do your research and go in detail about how secure different passwords can be, look at the app, see if there is an auto-wipe for # of incorrect password attempts (if you can't brute force it, then a weaker password might just be as good). Mention the enhanced security the nexus device has (full device encryption), etc etc etc.
If you do it right, you will get recognition for being a forward thinker, for following the rules, and if successful, for saving the company money on their bottom line.
I do IT support and if one of my users by-passes my security, I'm talking to their boss and will SEVERELY restrict anything they do down to the bare minimum needed for the job.
It's also possible that you are in a position where you e-mail is highly sensitive and the risk of having that e-mail fall into a competitors hand is so great, that these security needs are required.
You can set the timeout b4 you are asked to enter your password again. I did it when i was on 4.0.2, but I can't remember where or how i did it though.
manager hates the pw requirement too and wants to get rid of it. it's something corporate put up that everyone complains about. there is nothing i can do personally as the company is too large. i just want to figure a way around it if possible
Herman76 said:
You can set the timeout b4 you are asked to enter your password again. I did it when i was on 4.0.2, but I can't remember where or how i did it though.
Click to expand...
Click to collapse
Bump, in case you missed it since we answered simultaniously.
unknown00 said:
there is nothing i can do personally as the company is too large.
Click to expand...
Click to collapse
And it's that attitude that will prevent any changes from occurring.
Personally, I worked at a company of about 100,000 people that has an international presence. I was successful with a BPI project where we licensed an application to manage multiple monitors (this is before win7) I had to show that the increased productivity offset the cost of the application.
Matridom said:
And it's that attitude that will prevent any changes from occurring.
Personally, I worked at a company of about 100,000 people that has an international presence. I was successful with a BPI project where we licensed an application to manage multiple monitors (this is before win7) I had to show that the increased productivity offset the cost of the application.
Click to expand...
Click to collapse
i work in a company of 400000+ internationally and is one of the largest IT companies in the entire world (take a guess ) but in all seriousness, it's not possible that 1 person can get rid of pw requirement. sry, don't argue that point
Figured it out. If you set security to pin (I only tested it with pin), you will get an option to choose timeout b4 you will get asked for pin again.
Combined with short timeout for screen off, I think this will be a good workaround.
Sent from my Galaxy Nexus using Tapatalk 2
Herman76 said:
Figured it out. If you set security to pin (I only tested it with pin), you will get an option to choose timeout b4 you will get asked for pin again.
Combined with short timeout for screen off, I think this will be a good workaround.
Sent from my Galaxy Nexus using Tapatalk 2
Click to expand...
Click to collapse
i understand this is a "workaround" that may work but i'm looking for a permanent fix to get rid of it as a whole
When your out traveling you often connect to different wifi spots(restaurants, hotel,...) and you never know how what happens behind.
Is there a way to use your phone on Internet in a safe way? Like a switch on your home screen you can turn the it on/off easly? I guess you need an app, a vpn or a server of some sort??
What do you mean with "in a safe way" ?
For example gmail uses a cripted (SSL) channel to read/send email. Is SSL "enough" safe for you ?
Using a "public" hotspot is not less "safe" than acecss your online backing form a pc at office. Is it possible for the "neworking guy" to see that you are accessing an online bank? Yes, for sure. Could he read your PIN/passwd and steal your money ? If your bank has a decent website (HTTPS) probably not (or not so easily..).
Do you wnat to be "safe" to read an online newspaper for last headnews?
Tor, private VPN
Sent from my i9250
kliw said:
For example gmail uses a cripted (SSL) channel to read/send email. Is SSL "enough" safe for you ?
Click to expand...
Click to collapse
With the easy availability of Jasager routers and how simple SSL-stripping is, no, SSL isn't safe enough on a public wifi.
As bk said, either use Orbot (TOR's Android implimentation) or a private VPN that provides endpoint-to-endpoint encryption.
I usually tend not to do any super personal stuff over public wifi - that means access gmail, google drive, etc.
I tend to stick to browsing websites for reading and that's it.
Chances are, if it's in a known location of a big business you probably have nothing to worry about.
A mom-and-pop coffee shop, or a crummy hotel wifi access point I'd be skeptical of the security enforced.
Here you go..
http://forum.xda-developers.com/showthread.php?t=1350941
akira02rex said:
Chances are, if it's in a known location of a big business you probably have nothing to worry about.
Click to expand...
Click to collapse
Actually, a big business's wifi is probably less safe. Anyone who wants a large number of targets at once just needs a Jasager router, the ability to launch a de-auth attack (not difficult at all), and a local Starbucks.
[Q] how hide apps in start menu of Windows 10 Mobile "or" add whitelist to Edge?
Hi,
is it possible to "hide" an app from the W10M start menu? And I don't refer to the home screen, I mean the full list of apps.
Or would there be a way to let the browser only work with a whitelist? .. No, Microsoft Family does not work properly on W10M.
Background - feel free to call me soft:
- Bought a Lumia 640 XL for my wife and a 2nd hand Lumia 535 for my daughter (to be her first smartphone, getting 9 end of the month) so that they could "share" the same experience, more or less.
- Played around with the "Microsoft Family" feature, and, to make it short, it doesn't work properly, not nearly close to what was expected or advertised. That might change ... in a few months. Maybe.
At least the URL filtering does not work "at all".
- So, in short, in order not to instantly fall back to pick an Android based device for my daughter (one beloved Razr i still in close range...), I was wondering if it was possible to "hide" one or the other thing from the start menu instead, the Edge browser in particular. Uninstallation I don't expect to be possible, probably being a deeper chunk of the OS, but only touching the start menu I concluded "should" be possible, one way or the other. At least I hope so.
Would I start to deal with the "full file system access" approach or rather try to dive into registry fiddling? Any help or maybe clear hint would be highly appreciated.
By now I did not find anything related to this. Neither here at xda or somewhere else. Probably no one considers doing something like that for his kids on Windows 10 Mobile ...
Who would want to hide a browser on a smartphone, anyway? .. yeah, I can't keep my kids "off" of the bad Internet, but I can at least keep an eye upon as long as possible.
Thanks in advance,
regards,...
bloodot
additional remark:
... after adding "a few" URLs to Microsoft's web interface for blocking URLs (via a web automation tool, yeah, I'm lazy...) it stopped working at 1003 regitered URLs. So, as long as they don't come up with something that works (whitlist... external service for checking URLs... whatever...) any help on this matter would be highly appreciated.
You want to keep her off the "web," correct?
Change your Mobile Data & Wifi DNS to 127.0.01
(You will need interop/FS access: )
Create a hosts file in C://Windows/system32/drivers/etc
Determine what sites you want to *allow* and find their IP. For example, if you want to whitelist Facebook, open cmd.exe from your PC and type:
Code:
ping facebook.com
You'll see:
Code:
C:\WINDOWS\system32>ping facebook.com
Pinging facebook.com [31.13.76.68] with 32 bytes of data:
Reply from 31.13.76.68: bytes=32 time=75ms TTL=82
Reply from 31.13.76.68: bytes=32 time=76ms TTL=82
Reply from 31.13.76.68: bytes=32 time=79ms TTL=82
Reply from 31.13.76.68: bytes=32 time=74ms TTL=82
Ping statistics for 31.13.76.68:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 74ms, Maximum = 79ms, Average = 76ms
C:\WINDOWS\system32>
So, you'd add:
Code:
31.13.76.68 facebook.com
31.13.76.68 www.facebook.com
to your phone's host file.
If you can create profiles on your router, you can also do the same (DNS to 127.0.01 for her phone's MAC address)
Doing this would make all of the web unresolvable, except facebook.com
To change the Wifi DNS:
Settings -> Network & Wireless -> Wi-fi -> Static IP -> fill your info
*If your router doesn't support static IP, you should check and see if your router supports profiles, and build one to target her phone mac address.* (If you don't target her mac address/other phone identifier and set your router to 127.0.01, all of the devices on your network will encounter blocked access to the web)
For Mobile Data:
I don't see an immediate switch for this (at least with my provider), it's routed through a network port on their servers. Unless something changes in future builds, it's probably best to just turn mobile data off and use the Wifi/hosts to keep control of what sites she can access.
Thank you very much!
Point is, I don't want to keep her off completely, and the major issue would be to keep control once she's "not" inside our home network but on cellular.
So I think I need to start investigating on my own whether I can manipulate the start menu or even the browser itself.
The local DNS lookup, which would only work on WiFi anyhow, would also result in me analyzing all communcation end points for "any" kind of
app I'd like her to use. Doable, but still the mobile part would be open. Beyond that I cannot block here "re-enabling" the cellular data connection,
the system isn't that strict in that matter. Would be nice, though, ...
@home I already use OpenDNS, probably should have mentioned that, so that's more or less under control.
Let's see if some other ideas or approached pop up from xda; I'm actually trying to get in direct contact with one of the Microsoft Family team
as, on a business level, we're currently working closely with some of the Microsoft 10 teams.
If they, if connected that is, tell me that they're aware of the bugs and that they're actually part of a road map, I'd be happy, too.
However, for the time being I expect I have to sort it on my own.
I'll give it a go with interop and see what I can find to deal with.
So, any other ideas?
Regards,..
bloodot
How about interopunlock and use your own hosts file?
How about App corner inside settings?
augustinionut said:
How about interopunlock and use your own hosts file?
How about App corner inside settings?
Click to expand...
Click to collapse
... the hostsfile will only work via WiFi, at least that's my current understanding as for cellular one cannot change the DNS settings, meaning, you can't make them point towards 127.0.0.1.
App Corner I already "played" around with - it has some other issues
- it's buggy, sometimes it doesn't even start.
- can be bypassed by just restarting the device
- everything "allowed" is available to public, more or less.
- the App Corner does not allow "games" to be made available ...
... hey, so what about the kids' corner?
- well, that doesn't allow the phone app... but still, that would also be a half-baked approach again.
I hope it were at least three different teams designing those packages, the kids' corner, the app corner and the family safety integration.
As a whole, NONE of them delivers what a parent needs when actually "permanently" giving a Windows based phone to one of his children.
bloodot said:
... the hostsfile will only work via WiFi, at least that's my current understanding as for cellular one cannot change the DNS settings, meaning, you can't make them point towards 127.0.0.1.
App Corner I already "played" around with - it has some other issues
- it's buggy, sometimes it doesn't even start.
- can be bypassed by just restarting the device
- everything "allowed" is available to public, more or less.
- the App Corner does not allow "games" to be made available ...
... hey, so what about the kids' corner?
- well, that doesn't allow the phone app... but still, that would also be a half-baked approach again.
I hope it were at least three different teams designing those packages, the kids' corner, the app corner and the family safety integration.
As a whole, NONE of them delivers what a parent needs when actually "permanently" giving a Windows based phone to one of his children.
Click to expand...
Click to collapse
PIN + kids corner. Can't bypass it.
-W_O_L_F- said:
PIN + kids corner. Can't bypass it.
Click to expand...
Click to collapse
... it's not my phone she should use. She should be able to use her own phone.
That includes calling her mum or me.
"Phone" is not an allowed app for the kids corner, it ain't listed when setting that up.
And even if it was, it would allow "anyone" who would steal that phone to directly use it's SIM card hazzle free.
And, as a minor annoyance, anything else that would be allowed via that mechanism.
It's just the current truth to deal with, W10M is not child-ready by any means.
If I want more control, I need to switch the phone.
Or start trusting a 9year-ish old girl to deal with the Internet without restrictions.
... so fiddled around with a few things, though interop is active according to the tool itself after sideloading it, wconnect won't work at all (crashes, no proper error given and before that IpOverUsbInstaller won't finish installation), so I can't get that key to get the SSH connection done and therefore I can't get full file access.
I think I'm done with this now. Selling the phone, using the Razr I instead, already have the proper system locking tools in place for that, bye bye Lumia 535. I would have loved to see my child deal with such an "easy" OS interface for getting used to smartphones, but I can't let her have access to the Internet while "not at home" without restrictions. No way.
... went so far and tried miradore to restrict the system via MDM. And guess what ... the f'n browser CANNOT be blocked via MDM. At least miradore has a free trial of 14 days. I was even willing to pay the damn 2$ per month for that service. *sigh* MAYBE it has a URL filter SOMEWHERE ...
... however, at least one can disallow the "usage" of the browser. MAYBE that works. Trying...
Yes. Works. JESUS ... what a mess. Let's see if I can get that done somewhere / somehow via MDM "without" another monthly fee ...
yeah, worked. Pitty though, they want "10$" minimum fee per month.
BUT: ... I stumbled over https://www.manageengine.com/mobile-device-management/
Free for up to 25 devices. Either cloud based (not supporting W10M for now) or Windows based installation (supporting W10M, more up2date...).
And it works. Thank you very much. Case closed.
Though I cannot restrict the URLs ... I can blog the Edge browser. And the Microsoft Store. Happy bunny.
Alright, I'm in that nice panic stage where you've learned enough to scare yourself but don't know enough to reassure yourself.
Had a factory reset recently, seems likely it was due to 3rd party lock/wipe app i triggered while dealing with my dog. (But not 100% sure there was a drop just prior and I've had stability issues since school has required me add a work profile but, of course tech support for both Microsoft and my school have zero response to inquiries)
Any way, user certificates now has two:
FindMyMobile
AttestationKey_com_wssyncmldm
And I have no idea how to verify those in any way. Its quite possible isn't it that an app could have actually installed them right?
Findmymobile, obviously is such a cert, allowing for find my mobile. It has a key a CA cert and user cert.
AttestationKey_com_wssyncmldm
Has a user key and user cert
I would say it's the school/work profile. Microsoft InTune is for enterprise IT management. If your school's IT managers don't know how to configure it, it can screw things up for everyone.
Try deleting your school profile and see what happens.
My company recently migrated from Google to Microsoft services and when I added my company as a work profile, my phone started acting wonky.
Sent from my SM-N976V using Tapatalk
I would reload and not put the crapware back on it.
It's your phone... my favorite word is No!
I have zero faith in the new MS; don't run any of their cloud junk on my 10+ and never will.
Find my device is normally present. You can disable it as a device administrator in advanced security settings.
It will auto enable on reboot or sometimes when you go to Playstore.
HungryRobotics said:
Alright, I'm in that nice panic stage where you've learned enough to scare yourself but don't know enough to reassure yourself.
Had a factory reset recently, seems likely it was due to 3rd party lock/wipe app i triggered while dealing with my dog. (But not 100% sure there was a drop just prior and I've had stability issues since school has required me add a work profile but, of course tech support for both Microsoft and my school have zero response to inquiries)
Any way, user certificates now has two:
FindMyMobile
AttestationKey_com_wssyncmldm
And I have no idea how to verify those in any way. Its quite possible isn't it that an app could have actually installed them right?
Findmymobile, obviously is such a cert, allowing for find my mobile. It has a key a CA cert and user cert.
AttestationKey_com_wssyncmldm
Has a user key and user cert
Click to expand...
Click to collapse
So are these both normal then?
sirv said:
So are these both normal then?
Click to expand...
Click to collapse
I don't know. I don't have a work profile set, and I show no user certificates.
The names seem off too. I see why the OP was a bit shook up. I'm running a AT&T 10+
Here's how they show on my 10+, it's running fast and clean.
sirv said:
So are these both normal then?
Click to expand...
Click to collapse
Find my mobile is for find my mobile being active when you have a VPN that may block it.
The other I still don't know but may be Knox related under same circumstances.
Thank you, @blackhawk and @HungryRobotics
I had a similar guess, that findmymobile was the Samsung service. Since I was using a VPN-based ad block (Adguard), it makes sense that it appeared there.
As for the other one (AttestationKey_com_wssyncmldm), I'm still not sure, but I wonder if it was for the Link to PC service.
It's alarming to find anything in User Certificates, honestly, and there seems no way to get information that they are legit. My hope is that it is only the system apps that can install certificates without user intervention.
sirv said:
Thank you, @blackhawk and @HungryRobotics
I had a similar guess, that findmymobile was the Samsung service. Since I was using a VPN-based ad block (Adguard), it makes sense that it appeared there.
As for the other one (AttestationKey_com_wssyncmldm), I'm still not sure, but I wonder if it was for the Link to PC service.
It's alarming to find anything in User Certificates, honestly, and there seems no way to get information that they are legit. My hope is that it is only the system apps that can install certificates without user intervention.
Click to expand...
Click to collapse
wssyncmldm is the infamous AT&T updater usually listed as in my previous screen shot.
Seems it might have something to do with this.
My guess is it has to do with setting up the work profile.
If it was there on the AT&T stock rom, after a factory reset it should be ok.
Maybe check with AT&T.
blackhawk said:
wssyncmldm is the infamous AT&T updater usually listed as in my previous screen shot.
Seems it might have something to do with this.
My guess is it has to do with setting up the work profile.
If it was there on the AT&T stock rom, after a factory reset it should be ok.
Maybe check with AT&T.
Click to expand...
Click to collapse
I don't have AT&T, but it could be an updater for my carrier.
sirv said:
I don't have AT&T, but it could be an updater for my carrier.
Click to expand...
Click to collapse
Those apps have every permission under the sun. Check to see what is set as system administrators. Find my Device will be there.
I don't know.
Maybe it's nothing but what if it's something
I found these and other User Certificates on another device, too. It's disconcerting. Is it known, can any app install User Certificates?
This may be helpful:
How To Remove all Stored Certificates on Android - Technipages
Ever been greeted by a popup saying, "The certificate doesn't come from a trusted authority?" when trying to access a website? These security certificates
www.technipages.com
Lockdown time, add Karma Firewall, a VNP based freeware app that uses almost no battery and has logging. Can run at boot up.
I also use this setting to globaly block ads...
blackhawk said:
This may be helpful:
How To Remove all Stored Certificates on Android - Technipages
Ever been greeted by a popup saying, "The certificate doesn't come from a trusted authority?" when trying to access a website? These security certificates
www.technipages.com
Lockdown time, add Karma Firewall, a VNP based freeware app that uses almost no battery and has logging. Can run at boot up.
I also use this setting to globaly block ads...
Click to expand...
Click to collapse
It's strange, I can find nothing online about common entries in User Certificates on Android. My thought is that they get generated when VPN is used, such as AdGuard.
Thanks for the Private DNS tip for ad blocking. In the meantime, I have been using Disconnect Pro (based on Knox).
sirv said:
It's strange, I can find nothing online about common entries in User Certificates on Android. My thought is that they get generated when VPN is used, such as AdGuard.
Thanks for the Private DNS tip for ad blocking. In the meantime, I have been using Disconnect Pro (based on Knox).
Click to expand...
Click to collapse
Can you delete them?
If you don't do/want OTA updates wssyncmldm isn't needed.
I'm still happily running on Pie...