Anyone know of an app, that automatically login into wifi network?
For example, my school have public wifi, however it requires me to open a browser then enter my user Id/password. Is there a way to automated this? I am already using Y5 and this is the last piece of the puzzle.
PS: obviously, I don't want to share my student id/password with the whole wide world as well. So thing like WeFi doesn't seem like the best thing on earth. I just want to store the login info locally on my phone.
NexusX said:
Anyone know of an app, that automatically login into wifi network?
For example, my school have public wifi, however it requires me to open a browser then enter my user Id/password. Is there a way to automated this? I am already using Y5 and this is the last piece of the puzzle.
PS: obviously, I don't want to share my student id/password with the whole wide world as well. So thing like WeFi doesn't seem like the best thing on earth. I just want to store the login info locally on my phone.
Click to expand...
Click to collapse
I have the same issue with my employer's WiFi.
The weird thing is it often works for many days, allowing me to connect/disconnect freely. Then one day randomly, it'll ask for my password again.
I'm pretty sure there's no way to automate entering your password if you have to do it via a browser (mine is via a browser as well).
The only thing I can suggest is adding your username to the dictionary so you can easily type something and get it auto-corrected for the full username. Also, using KeePass to copy/paste the password.
deleted
Is Android really secure enough to bank on?
What security precautions do you all take?
I would not suggest to do any banking on any mobile device not just android specially with hacked roms. The risk is too much for instance losing ur device and if ur device is rooted then it data is exposed.
Sent from my PC36100 using XDA App
I use Mint just to view my bank account, if i ever lose my device, they still need my pin number to get into the app(not your bank pin, any pin you set) and i can always change the password of the account online.
Over a cell network is probably THE safest way to bank. I trust that Cyanogen hasnt done anything that will steal my bank info.
Unlock screen password + BoA app doesn't have my password saved, AND has most of the username censored. 3G is also fairly secure, compared to cable or a WiFi connection.
No matter how you bank online it will be insecure IMO, using an unrooted android phone is probably a little bit more secure then using a PC or mac though. Just don't set it up so anyone can get in there without using a password or something.
I say unrooted because once you root it's a whole new ballgame. Using any custom ROM or giving any 3rd party app SU permissions means they have a free for all to any and everything your phone has and does.
I use the web on the phone to check my accounts, but I do not use an app for it.
I also make sure to never save passwords on the browser as well.
Just don't save your usernames/passwords if you bank on the browser, and make sure to tell any banking app to log out when you leave the program (you might not even be ABLE to stay logged in).
All data through CDMA cell networks is encrypted by default, not to mention the additional encryption that any reputable bank's website/app will have. As was mentioned above, online banking with your phone truly is the safest way to bank online.
In regards to rooting, it is only as dangerous as you make it. If you root and then grant SU permissions to "Swe3T fREE BaBEs 4 U" app, you're probably asking for trouble. But I only grant SU to Quick Boot and SetCPU, and other legitimate applications that don't ask for more permissions than they require. Just don't be an idiot and you'll be fine!
So is there a near consensus now that it can be secure?
Any naysayers remain?
It's really your choice to use it or not all it comes down to. I am in the Information Security field and when you learned about how things work and how to get around them. It's scary!
vboyz103 said:
It's really your choice to use it or not all it comes down to. I am in the Information Security field and when you learned about how things work and how to get around them. It's scary!
Click to expand...
Click to collapse
Taking field bias in consideration, I'm looking for your insight on how to make it most secure or if it's really necessary to wait for further security measures.
There are ways to practice safe sex afterall..
i'm still not quite sure how sending data over a CDMA network is any more secure than any other means. i mean sure CDMA is encrypted to begin with; yes. on top of that, any banking you do should be encrypted with SSL at least. great. now you've got two layers of encryption/security there. the fact is though regardless if it's CDMA or SSL, you're still transmitting data out thru the open air where anything with an antenna can grab it. it doesn't really matter how encrypted the data is at this point, it's unsecure in that is is freely available with only an antenna. security is not really how secure the data is at the presentation layer, but how secure it is at the physical layer as well.
vboyz103 said:
It's really your choice to use it or not all it comes down to. I am in the Information Security field and when you learned about how things work and how to get around them. It's scary!
Click to expand...
Click to collapse
I have a very similar job to you. I used to think the same.
Thing is, getting around those things is possible, but less likely that most other ways. Getting a wallet or purse stolen is common. Handing your CC to a server at a restaurant or bar and not seeing what they do with it is pretty trusting, no? Bet we've all done that.
Do the best you can, and be watchful of your accounts. I bank on my phone with more confidence than I would have at Starbucks on wifi.
Just thought of a new question. I use excel a ton and frequently need to go to my bosses office to ask questions about certain things. If I were logged onto the companies wifi, would I be able to optain access to the shared drives my NT account (assuming somehow I login from my Xoom) to manually bring the document to my boss, and have the work be easily done in one place???
The quickest way might be to install one of the remote desktop clients out there. Even on the 4.3’’ screen of the Evo, it can be a real pain to use, but I suspect a MUCH more pleasant experience on this.
By tomorrow afternoon, it is my intent to have my xoom talking to a dedicated Win7 vm that lives on one of my servers. Hopefully, I’ll be able to get to a point where creds are saved and I end up with a 1-click process to access the enterprise. Im REALLY banking on the idea that rdp will be usable on this larger screen.
I know that’s not exactly what you were looking for, but I’d be willing to bet that somebody is / has worked on a file browser that will see network shares and store credentials. I will certainly look around.
AndyMan386 said:
Just thought of a new question. I use excel a ton and frequently need to go to my bosses office to ask questions about certain things. If I were logged onto the companies wifi, would I be able to optain access to the shared drives my NT account (assuming somehow I login from my Xoom) to manually bring the document to my boss, and have the work be easily done in one place???
Click to expand...
Click to collapse
I can do this at home now with my Android phone using AndroXplorer on wifi. Just need to create a shortcut to a share on my PC using UNC path. Not sure if your company will have any restrictions on WiFi or not and also not sure if that app will work on Honeycomb. But it is definitely possible.
hey, i used to have a way around the school router blocks but i cant seem to remember what it was for the life of me. What it consisted was of an .exe that installed some software that allowed me to browse freely. I vaguely remember that the software consisted of a icon on the taskbar that was kinda an earth with fire around it....maybe?
if you have any other good router/server bypasses then please let me know. .exe file executions are blocked everywhere except in the technology building at school. Preferably i would like to have something only requiring a flash drive or it can be done within IE or Chrome.
Do u mean that you are able to surf the internet but some website, like Facebook for example , are blocked?
yukinok25 said:
Do u mean that you are able to surf the internet but some website, like Facebook for example , are blocked?
Click to expand...
Click to collapse
yes exactly, often they have keywords that they block as well, (such as game, kill, black ops, etc). maybe a proxy would work? we used to have a couple good ones but they would eventually block it.
johnston9234 said:
yes exactly, often they have keywords that they block as well, (such as game, kill, black ops, etc). maybe a proxy would work? we used to have a couple good ones but they would eventually block it.
Click to expand...
Click to collapse
yes, a free proxy can be a solution in most cases, here try some in this list first:
http://www.publicproxyservers.com/proxy/list1.html
johnston9234 said:
hey, i used to have a way around the school router blocks but i cant seem to remember what it was for the life of me. What it consisted was of an .exe that installed some software that allowed me to browse freely. I vaguely remember that the software consisted of a icon on the taskbar that was kinda an earth with fire around it....maybe?
if you have any other good router/server bypasses then please let me know. .exe file executions are blocked everywhere except in the technology building at school. Preferably i would like to have something only requiring a flash drive or it can be done within IE or Chrome.
Click to expand...
Click to collapse
To do this would require some form of exe to use a proxy via a specially setup browser, or admin rights to set the system proxy.
You will find that your IT admins will block the proxies you use (I have to block proxies at my work network when we detect them).
If implemented properly (any good professional IT admin should be able to do it right), you will struggle to tunnel out using most systems.
You can't ssh forward if they block non-standard ports, or filter protocols. You can't use SOCKS proxies if they do the same. You can't use web proxies if they use smart URL filtering.
You can try web proxies, but it's an uphill battle. If you find a proxy that works, don't tell your friends, as that usage across multiple accounts flags the URL in some security systems (my users alert me to the latest proxy sites unwittingly )
Finally, you do realise you are probably breaking the acceptable use agreement? Isn't it better to do facebook etc out of school hours? Or use your phone? If you get good at evading, it is easy to remove internet access altogether from an account in most systems. Good luck in tunnelling out when you have zero internet access as your account is null routed
Summary? Try proxies, don't hold your breath, and do you really need to use facebook etc in school? Oh, and for goodness sake, don't run exes on school PCs... If they've not set them up right, you could infect the machines. They prevent EXE execution on most machines for good reason...
pulser_g2 said:
To do this would require some form of exe to use a proxy via a specially setup browser, or admin rights to set the system proxy.
You will find that your IT admins will block the proxies you use (I have to block proxies at my work network when we detect them).
If implemented properly (any good professional IT admin should be able to do it right), you will struggle to tunnel out using most systems.
You can't ssh forward if they block non-standard ports, or filter protocols. You can't use SOCKS proxies if they do the same. You can't use web proxies if they use smart URL filtering.
You can try web proxies, but it's an uphill battle. If you find a proxy that works, don't tell your friends, as that usage across multiple accounts flags the URL in some security systems (my users alert me to the latest proxy sites unwittingly )
Finally, you do realise you are probably breaking the acceptable use agreement? Isn't it better to do facebook etc out of school hours? Or use your phone? If you get good at evading, it is easy to remove internet access altogether from an account in most systems. Good luck in tunnelling out when you have zero internet access as your account is null routed
Summary? Try proxies, don't hold your breath, and do you really need to use facebook etc in school? Oh, and for goodness sake, don't run exes on school PCs... If they've not set them up right, you could infect the machines. They prevent EXE execution on most machines for good reason...
Click to expand...
Click to collapse
This is a REALLY good explanation Pulser, I always liked the way you answer to the people on XDA! (specially on the Hero thread )
By the way, why an .exe file would infect a machine? Do you mean any kind of .exe? Even from a well known company, who create safe and populars software?
I used to run, without tell anyone, firefox portable in my office to bypass firewall restrictions, is that dangerous as well?
Considering you are at school, you will lack a lot of needed rights to edit certain things. I would know, I had to get around blocks on both Windows and Mac computers my freshman year.
I would advise you use the software, Your Freedom, it's free, but requires an account, you will also need to use a browser such as Firefox, and edit the settings to use the correct IP and Port as a proxy.
It also works on both Mac's and PC's. There is another software that I had used, strictly for windows PC's, but I can't recall the name of it.
Edit: I also ran the software from my flash drive..
i have special access to .exe and Command prompt just because of the position i am in as a student (several Technical courses). I can execute files on my computer and i have Chrome Installed. Does that help?
johnston9234 said:
i have special access to .exe and Command prompt just because of the position i am in as a student (several Technical courses). I can execute files on my computer and i have Chrome Installed. Does that help?
Click to expand...
Click to collapse
What I did was to download firefox portable, you can google it (and if you want you can copy it to an USB drive).
If you go to firefox networking setting, you can try to change the options in advanced with "no proxy" or as wisefire said just write an IP proxy address with the correct port, you should be able to visit any website.
At least this was working flawlessy for me..
yukinok25 said:
This is a REALLY good explanation Pulser, I always liked the way you answer to the people on XDA! (specially on the Hero thread )
By the way, why an .exe file would infect a machine? Do you mean any kind of .exe? Even from a well known company, who create safe and populars software?
I used to run, without tell anyone, firefox portable in my office to bypass firewall restrictions, is that dangerous as well?
Click to expand...
Click to collapse
Only a malicious exe would cause trouble...
But on a shared school network, who knows what the user before you used...
That's why I use disk freezing software on systems I run, and a forced reboot between logins, to give you a clean environment.
But while employees run portable firefox, what if they were to use it on another pc, and it had a virus, which infected the exe?
TBH, flash drives shouldn't be used in work environments, that were used outwith that environment... But that's not realistic in a school.
johnston9234 said:
i have special access to .exe and Command prompt just because of the position i am in as a student (several Technical courses). I can execute files on my computer and i have Chrome Installed. Does that help?
Click to expand...
Click to collapse
Come on... Surely you ain't gonna abuse that privilege? You got it because you were trusted, not to work round the restrictions that are in your acceptable use policy...
yukinok25 said:
What I did was to download firefox portable, you can google it (and if you want you can copy it to an USB drive).
If you go to firefox networking setting, you can try to change the options in advanced with "no proxy" or as wisefire said just write an IP proxy address with the correct port, you should be able to visit any website.
At least this was working flawlessy for me..
Click to expand...
Click to collapse
That would work unless they filter out proxy traffic (you can often detect SOCKS proxies and other ones that are working using this method, or even block common ports like 8080)
Back in high school we used Ultrasurf and GPass. I liked GPass because it was really easy to hide from the taskbar and notification area.
pulser_g2 said:
Only a malicious exe would cause trouble...
But on a shared school network, who knows what the user before you used...
That's why I use disk freezing software on systems I run, and a forced reboot between logins, to give you a clean environment.
But while employees run portable firefox, what if they were to use it on another pc, and it had a virus, which infected the exe?
TBH, flash drives shouldn't be used in work environments, that were used outwith that environment... But that's not realistic in a school.
Click to expand...
Click to collapse
haha, All of my schools have used disk freezing software. I thought about putting it on my parent's computer so I don't have to work on it anymore.
Eventhough I generally don't work on it anymore and just have them call someone to work on it for them. hahah.
buttes said:
Back in high school we used Ultrasurf and GPass. I liked GPass because it was really easy to hide from the taskbar and notification area.
Click to expand...
Click to collapse
Back in my days in high school we just got the many different IT and Librarian passwords/usernames and some teacher's passwords aswell. Then we'd log in to them and download Kazaa (yeah, it was that long ago lol), and downloaded like a gig or two of old NES, SNES, SEGA, Etc roms and started passing them around to everyone. haha.
It got so bad that the school threatened expulsion for everyone that had the games on their user accounts because it was overloading their network and storage space.
For a while they were just searching for the rom's extensions and you could just go and change them to a .txt and then change them back when you wanted to play them, but then they finally realized that the gig of space the roms took up were about 4 times the size of the data we were allowed to have and they could just sort the usernames by the usage of storage space.
The teacher's ones were fun to have though... it allowed you change some grades here and there...especially with my method of madness which I will not describe here. lol
pulser_g2 said:
That would work unless they filter out proxy traffic (you can often detect SOCKS proxies and other ones that are working using this method, or even block common ports like 8080)
Click to expand...
Click to collapse
So, I am really interested about this topic, is there anyway to bypass a restriction if they filter out the proxy traffic?
yukinok25 said:
So, I am really interested about this topic, is there anyway to bypass a restriction if they filter out the proxy traffic?
Click to expand...
Click to collapse
Hmmm... It's possible. If they use deep packet filtering it may be hard. But anything is possible...
I won't go into details, of getting round things, as it is my job to stop people getting round them, and I know a load of tricks, but look at the protocols in use in surfing - you need LDAP/AD to log into windows domain. Then you use DNS to resolve an IP (perhaps via a corporate web proxy). Then HTTP/HTTPS to access the page.
Now think what tools the domain admins might use to administer their network - RDP? SSH? Web services on high ports?
I think I've gone into enough detail for now... I can tunnel out almost any network these days, but I don't think it is sensible, wise, nor ethical to divulge this sort of thing.
pulser_g2 said:
Hmmm... It's possible. If they use deep packet filtering it may be hard. But anything is possible...
I won't go into details, of getting round things, as it is my job to stop people getting round them, and I know a load of tricks, but look at the protocols in use in surfing - you need LDAP/AD to log into windows domain. Then you use DNS to resolve an IP (perhaps via a corporate web proxy). Then HTTP/HTTPS to access the page.
Now think what tools the domain admins might use to administer their network - RDP? SSH? Web services on high ports?
I think I've gone into enough detail for now... I can tunnel out almost any network these days, but I don't think it is sensible, wise, nor ethical to divulge this sort of thing.
Click to expand...
Click to collapse
True I am agree with you Pulser, thus I am really into this sort of things recently.
I am eager to learn..
Could you please recommend me a book or something (not too advanced) that would help me to understand better LDAP/AD, DNS and everything about security and networking?
I obviously wanna learn just for myself and I definitely don't want to spread or divulge in anyway bad behaviors..
johnston9234 said:
hey, i used to have a way around the school router blocks but i cant seem to remember what it was for the life of me. What it consisted was of an .exe that installed some software that allowed me to browse freely. I vaguely remember that the software consisted of a icon on the taskbar that was kinda an earth with fire around it....maybe?
if you have any other good router/server bypasses then please let me know. .exe file executions are blocked everywhere except in the technology building at school. Preferably i would like to have something only requiring a flash drive or it can be done within IE or Chrome.
Click to expand...
Click to collapse
if not previously mentioned, you're looking for "Tor" which comes in both installable packages or portable exe files that can be run off flash drives and includes a custom made 'Mozilla Firefox' which comes preloaded with Tor and does not save any browsing information on your client machine, thus this program is completely anon when ran from a flash drive.
www.torproject.org and you're looking for the Stable Portable Browser Bundle
Please thanks me (click thanks) if this helped
really there is a simple way
use kon-boot and bypass admin password and change the settings
kylon said:
really there is a simple way
use kon-boot and bypass admin password and change the settings
Click to expand...
Click to collapse
not if he is on a school network, he would have to physically run kon-boot on the server itself which defeats the purpose because the server would already be logged in as an admin of some kind.
-correct me if I'm misunderstanding or have missed a key post somewhere-
Am a little bit surprised (to say the least) that a device for ebook reading with a shop based function, has no working firewall!
Especially as the kernel is based on Linux!
What are people here doing for a firewall?
Has anyone manged to get ipchains etc back onto the Nook?
Freya
FreyaBlack said:
Am a little bit surprised (to say the least) that a device for ebook reading with a shop based function, has no working firewall!
Especially as the kernel is based on Linux!
What are people here doing for a firewall?
Has anyone manged to get ipchains etc back onto the Nook?
Freya
Click to expand...
Click to collapse
I doubt that an unrooted NST has any listening ports, so no need for a firewall. Credit Card details aren't stored on the NST itself, so an attacker would need to sniff the (SSL-encrypted+signed?) network traffic and use that to log into the account, if that's even possible. I suspect that all an attacker could do would be to buy books for the registered user without their permission.
cowbutt said:
I doubt that an unrooted NST has any listening ports, so no need for a firewall. Credit Card details aren't stored on the NST itself, so an attacker would need to sniff the (SSL-encrypted+signed?) network traffic and use that to log into the account, if that's even possible. I suspect that all an attacker could do would be to buy books for the registered user without their permission.
Click to expand...
Click to collapse
We know that at least port 80 exists because of the built in web browser and the nook must be receiving data somehow for the books etc.
You are right that the credit card details are almost certainly stored remotely but once a hacker is inside they can log the data from the keyboard so that when you update your credit card details you are passing on the details to who knows who.
Freya
FreyaBlack said:
We know that at least port 80 exists because of the built in web browser and the nook must be receiving data somehow for the books etc.
You are right that the credit card details are almost certainly stored remotely but once a hacker is inside they can log the data from the keyboard so that when you update your credit card details you are passing on the details to who knows who.
Freya
Click to expand...
Click to collapse
No, that's not how TCP works.
The NST will make a connection from an ephemeral source port in the range 1024-65535 to the destination port of 80 (http) or 443 (https) on the server. Connections cannot be established to the ephemeral port on the NST without MITMing the connection. If you're worried about that, you should also worry about lots of other attacks (e.g. transparent malicious proxies) that an IP firewall also won't protect against. And don't connect your WiFi devices to untrusted networks (which is good advice anyway).
TL;DR: the lack of an IP firewall on an unrooted NST is the least of your worries.
cowbutt said:
No, that's not how TCP works.
The NST will make a connection from an ephemeral source port in the range 1024-65535 to the destination port of 80 (http) or 443 (https) on the server. Connections cannot be established to the ephemeral port on the NST without MITMing the connection. If you're worried about that, you should also worry about lots of other attacks (e.g. transparent malicious proxies) that an IP firewall also won't protect against. And don't connect your WiFi devices to untrusted networks (which is good advice anyway).
TL;DR: the lack of an IP firewall on an unrooted NST is the least of your worries.
Click to expand...
Click to collapse
Well I would worry about malicious proxies but I'm not sure I can do anything about them really.
So what you appear to be saying is that the whole firewall thing is very overrated and isn't really all that necessary.
I assume it was just one of those things that was trendy for a short while some time ago but has now gone out of fashion.
I know a lot of people turn off their firewalls to play networked computer games because the firewall tends to get in the way, so maybe they are a lot less important than I assumed.
You are right that I probably worry too much about these things.
The thing you say that makes me pause for thought tho, is about connecting to untrusted networks.
Isn't the internet itself an untrusted network? Or am I being over the top again because I'm basically protected by my ISP?
Freya
FreyaBlack said:
Well I would worry about malicious proxies but I'm not sure I can do anything about them really.
So what you appear to be saying is that the whole firewall thing is very overrated and isn't really all that necessary.
Click to expand...
Click to collapse
It depends.
IP firewalls are still quite useful to protect networks where people may connect hosts running network services that don't comply with the organisation's security policy. And host firewalls are sometimes useful if there are listening network services that cannot easily be disabled, or if there are outbound connections that one wishes to block. More intelligent firewalls that perform some deep packet inspection can also be useful these days (mostly because so many so-called "firewall friendly" network protocols just run over HTTP(S)).
The thing you say that makes me pause for thought tho, is about connecting to untrusted networks.
Isn't the internet itself an untrusted network? Or am I being over the top again because I'm basically protected by my ISP?
Click to expand...
Click to collapse
That depends how competent and/or malicious your ISP is, and how co-operative they are with the local government!
Freya
Click to expand...
Click to collapse