Browser Security Issue - Nexus One General

Hello,
Problem concerns one of the biggest polish banks (www.mbank.pl) and its internet transaction system.
Usually when you I am logging to the system it is encrypted connection (small padlock visible), and site address is http://www.mbank.com.pl - and this is standard situation.
2G/3G - Default Browser
Now when I am trying to log in using default 2.2 Nexus browser there is no small padlock visible and site address is: http://10.158.226.75/www.mbank.com.pl
I can typy in credentials but when hit LOGIN I receive information that my browser does not accept cookies (cookies are enabled).
2G/3G - Delphin Browser
Same issue as on Default Browser
WiFi - Default Browser
Everything works fine.
2G/3G - Skyfire Browser
Everything works fine.
Most suspicious from my perspective is this IP address http://10.158.226.75....its like he can not use secured connection...but only on 2G/3G?
EDIT:
Now I discovered that putting https://www.mbank.com.pl solve the issue....
What could be the reason of such behaviour?

You have just possibly fallen a victim of "phishing" - a site trying to disguise itself as another site. This is not about browser, but about the site itself.
I've tried to trace 10.158.226.75, but it's not visible - so I guess it might be a proxy of your cellular data provider. But it might be something worse.
1) Just in case, please change your password for the banking site, and never write your credentials when you see that the address is different from what you've expected.
2) Try to use trace route sites from the phone to understand, what is this IP and whom does it belong to.
If there is a padlock - you're using HTTPS, not HTTP. Always, without exceptions. You might just be automatically forwarded to HTTPS site.
[edit] Checked things a bit. The site is www.mbank.pl, not www.mbank.com.pl - and it's not secure. When pressing "Log in", you get to https://www.mbank.com.pl, and it's secure. Put attention - HTTPS, not HTTP.
And lastly, it doesn't have anything to do with browser security.

Could be a proxy provided by your network provider as it only occurs when using 3G.

Thanks Jack for the answer.
To be honest I dont think its phishing but just in case I will change the password.
I think there is something wrong with the link between http://www.mbank.pl/ and https://www.mbank.com.pl/ (link is under LOG ON button).
When I am trying to open https://www.mbank.com.pl/ using LOG ON button I open http://10.158.226.75/www.mbank.com.pl (please note it is not secured). Its like browser automatically does not accept some certificate or something.
However when I open https://www.mbank.com.pl/ directly (typing in address) it works fine and I can login to the system.
Most suspicious is that on the WiFi it works just fine....

brachson said:
Most suspicious is that on the WiFi it works just fine....
Click to expand...
Click to collapse
That's the reason I supposed that it might have something to do with your cellular data provider.

Related

Can't Access Secure Sites Through T-Mobile

Hi,
Just bought my TD2, and overall happy with it... I started testing it out and noticed that the browser cannot access any secure sites (including but not limited to: ANY webmail like Yahoo or Gmail, school login, or internet banking site).
I am a T-Mobile UK contract user (Flext). When I first turned on the phone I let it automatically configure for internet use. For general browsing that worked fine, but wouldn't let me access the sites mentioned above.
I called T-Mobile and, though they tried to be helpful, never figured out the problem. I know this is not a general T-Mobile issue because I was able to access these sites on my older phone, and I know it's not a browser issue because when connected through Wi-Fi (to my home network) it's perfectly fine.
So - if anybody has had or heard of this issue before, please help! There must be SOME setting or option that I'm missing, that prevents me from accessing secure sites!
I have the standard ROM, which includes Opera 9.5 build 16277, and Internet Explorer (of indeterminate version). Both browsers have this issue, in different ways: Internet Explorer claims the website doesn't exist:
"Cannot find 'http://mail.google.com/mail/x/?source=mobileproducts&dc=gorganic'. Make sure the path or Internet address is correct."
Opera 9.5 does one better and crashes: "We're Sorry... A problem has occurred with Opera9.exe"... followed by the option to send an error report to Microsoft.
As I said before it's NOT a browser problem because when connected to my home Wi-Fi network, both browsers work fine in secure sites.
Any help would be appreciated.
Thanks,
Wassim
The T-Mobile auto configuration puts an entry under Proxy Servers which you need to remove (go to "Settings, All Settings, Connections, Connections, T-Mobile Internet, Manage Existing Connections, Proxy Settings" and check "connect direct to the internet"). Your problems should now go away and Opera shouldn't crash any more (you may need to soft reset before this takes effect).
Thank you Pete... I can't believe it was that simple, but it worked! Funny thing is, I could have sworn that option was checked off previously. But I did it again, and soft reboot, and now I can access any site I damn well please!
I'll let the guys at T-Mobile know in case some other poor guy has the same issue.
Cheers,
Wassim

WLAN :: Browser authentication trouble

Hey guys,
At my school the students have access to an open WiFi network. The internet connection is routed through a local proxy, and when we first open the web browser we are presented with an authentication page where we input username and password. Using Firefox, Chrome, or any other browser on a regular computer, this works just fine.
On my Hero however, something prevents it from working correctly. I get the authentication screen, input my username and password, I click Login, but from here nothing seems to work.
The proxy spits out a message saying something like "authentication successful, logging you on to the network", but then it says something about a DNS timeout, and that I have to restart my browser to gain internet access.
Obviously, that doesn't work. I tried once to load google.com, using its IP and it worked I think (given that the browser didn't load it from the cache). I guess the problem somehow relates to the way Android handles DNS.
My Hero is not rooted, and for various reasons I'm not planning to do it either. Running latest official ROM.
Any assistance would be greatly appreciated, as IT on my school doesn't seem to actually know anything about the authentication process.
I also have problem with secure login but in my case I can't load the securelogin page where I need to enter the user name and password.
Non android phone don't see this problem and also I don't have this problem with my android at my home with open WIFI.
I am using HTC Hero G3 with official android 1.5.
Hi, has anyone been able to make this work?
I'm also having the same experience but with my x10mp.
the browser login page is not displaying so i'm unable to use the wifi.
shameless self bump.
i have already tried 2 apps (Open Wifi Login and Browser Wifi Login) that should have solved this but did not.
can anybody help with this issue?

Proxy Login

I have no idea what I did before this happen since I only need the service at certain places, so here goes...
I work at an airport that offers free WiFi to travelers. The WiFi is open without a key but when browsing, it redirects you to their proxy which has you click on a button that says you accept their User Agreement. Then you have full access to the Internet.
At school, the same thing. An unsecured WiFi access point, with a proxy that requires me to login with my school user id and password.
The reason I know it's the phone and not the connection, is that my Samsung Jack finds the proxy at work.
Please help,
Thanks
You never really stated what the problem was... is it not finding the proxy, or not letting you log in?
WM doesn't have proxy autoconfig script support, but Opera Mobile does. You need to type in the proxy settings yourself manually (by setting it to "Work" network). When you use the browser it should prompt you for credentials automatically.
Talk about rambling without saying anything at all...
My problem is finding the proxy server. Both IE and Opera found it. Once I get to the page, accepting the agreement and logging on worked fine. I never had to manually configure proxy settings when it did work.
I hope when I am able to get to the page I won't have that problem too.
Thanks
I figured it out. I remembered that I had installed Lookout Mobile Security and checked the Firewall settings. I disabled it and it worked.
Is a security app really necessary on a mobile?
I've never found the need for AV/Firewall software on a mobile (didn't even know firewalls for WinMo existed!)
There are very, very few WinMo viruses around and I've never got one. Then again, I've never got a Windows (PC) virus either... as long as you don't install suspicious software then you should be fine.

Vibrant Wifi problem (Clean Access)

I have a stock Samsung Vibrant. It connects to my home wifi network just fine and is very fast.
At my school we have to register the mac address' of devices we have on their Clean Access servers. I have registered many devices that work fine.
I registered the mac address of my Vibrant, and it can connect to the wifi, but it will not load a web page. Does anyone have any idea of what is wrong.
I also registered my roommates Vibrant. His does not work either.
I work at the Schools Tech Support so I have access to register and edit my phone on their Clean Access servers.
Does anyone have any solutions?
are you using WPA/WPAv2 or WEP + RADIUS authentication? Does your vibrant obtain an IP address successfully? Can you ping the default router?
The wifi that works at my apartment is WPA2.
The wifi at school is an open network. I can fully connect to their wifi.
Status Connected
Speed 48Mbps
Signal Strength Good
Security Open
IP address (a real IP address)
Im going out on a limb here. I am going to say its the Clean access and your "open network". I assume on your schools computer you use your student ID and some password. Your phone would need the same thing if that is the case. I know at my school, iphones are the only phones that can access our clean access. If its not the case then i am sorry.
my school runs clean access and it works fine. but they have two networks a guest and a login. i use the guest cause i don't want to waste the time to login. but i can try it on monday. typically with linux (i.e. android) you have a web portal and have to agree to some antivirus bs by clicking a button and that's it (and login for the non guest network). one thing i have noticed, though, is that typically i have to turn wifi on, connect to the network, try to load a page, it doesn't work, then i turn wifi off then immediately back on and try to load a page and it takes me to the login/terms portal page.
GTASouthPark said:
The wifi that works at my apartment is WPA2.
The wifi at school is an open network. I can fully connect to their wifi.
Status Connected
Speed 48Mbps
Signal Strength Good
Security Open
IP address 140.209.21.68
Click to expand...
Click to collapse
You should remove the IP from post. Anyways, it seems like the handshake is good. Note down the address of redirected terms and conditions page you get when trying to go online from a laptop. Then enter the same address in vibrant's browser once you are connected through Wifi ( or set it as homepage) and see if that lets it through.
Probably an issue with Android's lack of native NTLM support. AFAIK this is still unresolved. Have you tried using Fennec rather than the stock browser? I've heard you can authenticate properly using it.
Siks said:
Probably an issue with Android's lack of native NTLM support. AFAIK this is still unresolved. Have you tried using Fennec rather than the stock browser? I've heard you can authenticate properly using it.
Click to expand...
Click to collapse
interesting. i use dolphin hd and it works for the clean access web authentication page.
Could be, if your school does not have a guest account login for devices, that you are getting on the segregated network because CA cannot verify the "cleanliness" of your device. When I setup CA it verified patch levels and such on the non-guest network, so unless CA comes out with a Android client/access list, it may not work.
watcher64 said:
Could be, if your school does not have a guest account login for devices, that you are getting on the segregated network because CA cannot verify the "cleanliness" of your device. When I setup CA it verified patch levels and such on the non-guest network, so unless CA comes out with a Android client/access list, it may not work.
Click to expand...
Click to collapse
except then it wouldn't allow osx or linux. clean access requires an app for windows to verify service pack and av and whatever, but for linux and osx it doesn't. it wouldn't be able to (at least for linux).
funeralthirst said:
except then it wouldn't allow osx or linux. clean access requires an app for windows to verify service pack and av and whatever, but for linux and osx it doesn't. it wouldn't be able to (at least for linux).
Click to expand...
Click to collapse
That is correct but it can ID the operating system and has exceptions for those flavors ...
Hey it's me again.
I don't think it's an android thing because I had my G1 on the servers.
Normally what happens if you aren't registered on Clean Access is, if you open a web browser, you will be automatically redirected to an authentication page where you put in your school ID and password. This would work fine and allow me to get on the wifi, but it never came up on the web browser, it just tries to load the page for awhile and goes to a 'Page cannot be displayed' page.
Also I have tried using different browsers, including Dolphin HD.
If I can just get to the authentication page even it will be fine, I could work with that.
Also the school does have a guest login, but you have to get to the authentication page, and I wouldnt want guest access since it limits time, bandwidth, and features.
That is exactly what I said my last reply...Try putting https infront of your authentication URL, and make sure the java-script etc. is on in your browser...Try clearing cache and hit refresh as well. Also, see what happens if you set that URL as homepage...
GTASouthPark said:
Hey it's me again.
I don't think it's an android thing because I had my G1 on the servers.
Normally what happens if you aren't registered on Clean Access is, if you open a web browser, you will be automatically redirected to an authentication page where you put in your school ID and password. This would work fine and allow me to get on the wifi, but it never came up on the web browser, it just tries to load the page for awhile and goes to a 'Page cannot be displayed' page.
Also I have tried using different browsers, including Dolphin HD.
If I can just get to the authentication page even it will be fine, I could work with that.
Also the school does have a guest login, but you have to get to the authentication page, and I wouldnt want guest access since it limits time, bandwidth, and features.
Click to expand...
Click to collapse
did you try turning on wifi, wait for it to connect, try to load a page (any page because it will redirect you), wait for it to time out, pull down the notification bar, turn wifi off, turn it back on and then reload the page? i know it sounds dumb, but this is the only way i've got it to work at my school and it works every time...
watcher64 said:
That is correct but it can ID the operating system and has exceptions for those flavors ...
Click to expand...
Click to collapse
to what flavors? i'm guessing android will show as linux since it's based off a linux kernel. more than likely it checks for windows, and if false goes to the default linux/osx page because to clean access those aren't threat os's.
VICosPhi said:
That is exactly what I said my last reply...Try putting https infront of your authentication URL, and make sure the java-script etc. is on in your browser...Try clearing cache and hit refresh as well. Also, see what happens if you set that URL as homepage...
Click to expand...
Click to collapse
they don't have the authentication URL on their homepage so I don't know what it is, it should automatically redirect me to it.
Also when I connect to wifi, try to load a page, let it time out, turn off wifi, turn it back on and connect again, and then refresh the page.. nothing happens it times out again.
Ok so I did find out the authentication page URL. Typed it into my phone. I had high hopes when a page saying "You are being redirected to the network authentication page. If you are not redirected automatically, then please click HERE".
Anyway it did redirect me, to a "Web page not available"... etc.
In the default browser it gave me the error... "Data connectivity problem. A secure connection could not be established". umm wtf?
Can you communicate with other protocols/ports? I used to be able to exploit a bug with our school's CCA servers where I could just connect unauthenticated and use SSH. (Maybe it was a feature?)
I can't use any other web protocols.
Bump. Okay. I've figured out how to do this . '
it's a t mobile vibrant either kernel or rom problem. My phone connected the very first time I tried to use it at an argosy site, then never ever ever again.
so. I used wifi manager to find out what the ip, gateway, subnet mask, and dns 1 and 2 were. I went to settings, wifi, options key to go to advanced options, from there selected static ip and entered all the info I gathered
bam! ! Connected every time.
Oh and btw, the reason I say its a tmobile vibrant rom or kernel problem is that on fusion, Eugene's and bionix final, I was able to connect right away, every time . And on my f friends att fascinate and verizon captivate, they never had to enter the static ip like I did. They connected right away every time . Yet everyone I know that had s vibrant kept having the same proble. m i did .
Tmobile. What a piece of ****. Anyway I figured nobody had this figured out so I'd jump in.
Hope this helps out some people. GL

Nexus 7's Chrome will not redirect for Wifi Authentication

The wifi at my university either prompts devices for a log in or redirects the browser to a log in page to fully access the wifi. I cannot for the life of me, get my nexus 7 to fully connect. No prompts and chrome will not redirect. Any help would be appreciated!!
Typically on my laptop or other tablets in my University, whenever I connect to the Wi-Fi either a pop-up prompt appears where I can enter my log in info or I go on to my browser (also chrome) and enter a website liek facebook or yahoo and it will redirect to the University's Wifi page and I can log in from there.
My Nexus 7 doesn't have a pop-up prompt when I connect to the wifi nor does the Chrome redirect. Any tips?
That's weird. I connected to the harvard medical school network at where I work and when I tried going to a web page (espn), the redirect occurred and I could sign in. Don't know why it isn't working for you
bammarata89 said:
That's weird. I connected to the harvard medical school network at where I work and when I tried going to a web page (espn), the redirect occurred and I could sign in. Don't know why it isn't working for you
Click to expand...
Click to collapse
I have no idea why, I'm connected to Cornell Medical School wifi as well, and typically i'd have to type in my log in and my password when Chrome redirects me but it's not redirecting. It keeps saying This Webpage is Not Available because the DNS Look up failed."
I get an error on the bottom of Chrome stating: "Error 105 (net::ERR_NAME_NOT_RESOLVED): Unable to resole the server's DNS address."
Trying using Firefox to authenticate instead. Once you do Chrome will work fine (just not for the authentication part).
Quick idea:
At Eastern Washington University there's an open access AP and a secure AP. When you use open, you are redirected to a student sign on page.
When you use secure, there is no page redirect, as you login using some fancy WiFi security protocol with the same user/pass combo from open. (Tablet remembers network auth and auto-reconnects when in range with no redirects) Maybe just check to see if you have that available?
Also, try forgetting/disconnecting from your network so it doesn't reconnect; then manually reconnect to it. This would hopefully flush any DNS configuration your tablet may have erroneously stored.
Sent from my Nexus 7 using xda premium
xfinrodx said:
Quick idea:
At Eastern Washington University there's an open access AP and a secure AP. When you use open, you are redirected to a student sign on page.
When you use secure, there is no page redirect, as you login using some fancy WiFi security protocol with the same user/pass combo from open. (Tablet remembers network auth and auto-reconnects when in range with no redirects) Maybe just check to see if you have that available?
Also, try forgetting/disconnecting from your network so it doesn't reconnect; then manually reconnect to it. This would hopefully flush any DNS configuration your tablet may have erroneously stored.
Sent from my Nexus 7 using xda premium
Click to expand...
Click to collapse
Thanks everyone, for suggesting the use of other browsers such as Opera to help me redirect. However, I downloaded Opera and Dolphin browser (couldn't find Firefox for some reason) and both of them will not redirect me to the log in page. But my iPhone is able to connect. Any tips? Any help would be appreciated!! (Sorry this is my first Android device)
Can someone please solve this issue? Or at least give an explanation why the nexus 7 has issues with certain open networks?
If you're going to an encrypted (https) page, you won't redirect. Try going to www.google.com instead of your homepage (gmail can be set to https).
Its not encrypted. Just a standard login. I really have no clue what is going on. I tried setting a static IP and using google's DNS as well as open DNS which helped a bit (I occasionally get th elogin screen now, but it doesn't do anything for me).
Has anyone ever solved this issue?
Mine redirects just fine. I have to select the network in the WiFi settings, and then open the browser, though.
Sent from my Nexus 7 using xda premium
Sunburn74 said:
Its not encrypted. Just a standard login. I really have no clue what is going on. I tried setting a static IP and using google's DNS as well as open DNS which helped a bit (I occasionally get th elogin screen now, but it doesn't do anything for me).
Has anyone ever solved this issue?
Click to expand...
Click to collapse
Not sure from your answer if you understood me. If the page you're trying to get redirected FROM is HTTPS, it won't redirect. Navigate to google.com and see if you redirect (since that's never https).
That page is not https. It is standard HTTP.
Before I wouldn't even get that page. Now I reliably get that page (the authentication/acceptance of policy page) since I changed the DNS settings for open DNS (another site recommended using google's DNS or using open DNS). However after I hit accept, it doesn't do anything and just times out after 5 mins or so.
This should work
idk if I'm late in answering this but next time you log in from any device look for the router number and type that in the web browser on the device it isn't connecting on and that should redirect you
Is there any hope? Android is just impossible when it comes to wifi. Sometimes it brings up the login page. But if it doesn't bring up the login page, you will never get connected.
Here's a sample experience.
I'm at a coffee shop trying to connect my oneplus one, which has cyanogen12.0-yng1tas17l
Some things I tried: I opened wpa_supplicant.conf with a text editor and deleted this coffee shop's network. I tried to connect using the app "wifi browser login." I went to settings--modify network--advanced options--ip settings to find the gateway, ip address and dns of the coffee shop, and tried typing them into the browser. Nothing works.
This failure to load the login page is a problem that affects android in general, not just the oneplus one or cyanogen. I have problems with the nexus 7 sometimes too. I've been searching for a solution for years. The silence is deafening.

Categories

Resources