Control which apps may access the Internet on your Android device
Apps are one of the cornerstores of smartphones. They extend the phones functionality, provide you with the means to customize it, or provide you with entertainment in the form of games.
Apps may request permissions during installation or upgrade, and one of those permissions is to access the Internet. It is likely that most Android users do not go through the list of permissions that an app requests before it gets installed, similar to how many Windows users do not pay attention to the setup steps of a program they install on their system.
Once you have installed an app, it may make use of those permissions as it sees fit. If you have allowed Internet access, it may connect to servers on the Internet, often without you knowing about it unless you run monitoring software on your system.
NoRoot Firewall is a specialized app for Android devices that puts you back in control. What makes the app special is the fact that it does not require root access for its functionality.
It uses an ingenious workaround for that, as it makes use VPN functionality to do so. Basically, all traffic flows through the app once you have allowed it to create the connection.
The app does not create a "real" VPN connection though, and no data is sent to servers on the Internet in the process.
Once done, you will be informed about connection attempts that applications make on your phone. It is up to you to allow or deny the connection. Note that all pending attempts are blocked automatically until you allow the connection to go through.
Notifications are displayed whenever a new app tries to establish a connection to an Internet server. You can open the pending access tab of the app to go through all apps that have tried to connect to the Internet, and either allow or deny them individually here.
The apps listing on the other hand displays all system and user-installed applications. Permissions to access the Internet using WiFi or a wireless connection are displayed here, with options to allow, block or remove the permissions right on this page. You can use it to monitor permissions that you have added, or whitelist or blacklist applications whenever the need arises.
Another interesting feature of NoRoot firewall is the global filters option. You can run filters before or after individual app filters apply. A filter provides you with options to allow or block connections to specific addresses and ports on the Internet.
A pre-filter would overrule any app specific filters or post-filters that you have created. This can be used to block access to specific servers for all apps, or whitelist servers instead.
NoRoot Firewall ships with an access log that is interesting as well. It logs all connection attempts of all apps, displays the server IP address and host name the connections are made to, highlights time and day, and informs you whether the connection was allowed or not.
You can configure the app to run on boot, so that it is always active on the Android device.
Verdict
If you want more control over apps and their Internet connections, but do not want to root your device, then you may find NoRoot Firewall more than useful for that task.
The app leaves little to be desired in terms of functionality. It needs to be noted that it does not work if you need to connect to VPN servers, as its own will block that from happening. It is also not supporting LTE right now.
Advertisement
Very useful.
Thanks
I wonder if there is something similar to control which apps have access to the speakers, or to the camera.
Do you know any apps that manage other app’s permissions, that actually works?
Sounds good!
So far I quite manage it all, and my apps don’t seem to try using my mobile internet rather than my Wifi, but this app steal appeals to me… I guess I like being able to have full control of things.
But this line troubles me a bit “Basically, all traffic flows through the app once you have allowed it to create the connection” – how much should it bother me as a user? regarding privacy and loyalty issues…
Jeremy, there is this app for controlling apps permissions, and it even requiers no root!!
I really like it, but I find it not as usefull as I thought, ‘cuz the more I use it- the more I find out it doesn’t realllly catch and allow me to observe and block all permissions that my apps use :\
but maybe u’ll like it for what it does do… I still keep it, ‘cuz my phone remains unrooted [for rooted phones there’s way more powerful ‘things’ to use :)
check it out [& read it all…] https://play.google.com/store/apps/details?id=com.colortiger.appopsinstaller
Is there a comparable app for iOS and Windows?
You can try this https://www.ghacks.net/2012/06/27/tinywall-a-windows-firewall-with-less-annoyances/ for Windows.
Useful for hiding ads in games and preventing the mobile data plan bills from racking up.
XPrivacy for managing permissions, it works fine for me, I have been using it for about 6 months now, its rock solid if you stick to the stable version (the beta version is pretty stable as well but it can on occasion cause problems)..
It can also be used to block the camera by blocking the “Media” section. I don’t think it can do the same for sound as it mostly blocks privacy sensitive permissions – it for example blocks the microphone in the same section.
And the good thing about it is it feeds fake data to the apps so as not to make them crash unlike all other permissions managers except PDroid that can only be used in certain roms. Some things can not be fed fake data however, they are detailed in the help.
Root firewalls on Android edit the iptables file so they do not use recourses for those interested, I use personally AFWall+ because in can separate the local network and internet traffic, so I can allow an app to only use my LAN and not the internet.
Both are opensource and actively maintained, especially XPrivacy, the author is very responsive to input in the xda forums.
What about Gingerbread?
Thank you for the article. Maybe I can replace DroidWall with this application.
I’m spreading this article around to my friends who wanted an Android firewall but did not want to root their devices.
For Windows, Windows Firewall Control from Sphinx Software is the best one as it blocks outgoing connections by default, provides outbound notifications when something is blocked and allows unblocking it with 1 click.
For Windows Zone Alarm is one of the best.
Thanks for the useful app. Now I can save my mobile data balance.
so……
no one but me is bothered by “Basically, all traffic flows through the app once you have allowed it to create the connection”.. ? :O
Is there anyway by which we can disable any user from downloading a app as well as control the access to particular app. do we need to root the device for this
is there any firewall for windows phone, the above mentioned zone alarm and sphinx software are for windows PC. I could not find any version for windows phone.
It seems most apps are bypassing going through this app by stopping the VPN service. I wonder if that could be prevented.
Hi,I know I’m late coommenting here,but I have been using “lostnet no root firewall” the permissions are minimal. The pro version has packet capture with analysis. And blocks some ad networks and malware or phishing sites connections using common list the big name ad blockers use. The free app has all kinds of features and the pro version is only $.99 minimal impact on battery too. As for the guy asking about everything running thru the app,that’s so it can filter the connections. All done on the phone thru the phones VPN module. And this app can handle 4g LTE connections,no problem. Only Google analytics for apps outside connection. There is one app in this catagory that had too many permissions,so watch out for that one.
The only issue with NoRoot Firewall is that it doesn’t work on KitKat+. That’s why I put nosy apps on my Huawei tablet, because it allows me to cut an app’s internet access from the device itself.
I just love the way NoRoot Firewall controls data usage.
Is there a way to stop getting the “VPN is activated by NoRoot Firewall”-message? I get this message all the time. I don’t want to stop getting messages from NoRoot Firewall, I just don’t want to see this one anymore.
If you’re seeing that message a lot then something is restarting the service. That’s not what you should see. You may consider running the beta version although I have noticed that it makes regular outside contacts and I’m not sure why so I just blocked it using itself which seems to work at least it continues logging it as blocked.
If you go to the developers webpage though you’ll see that the one thing it doesn’t block is traffic on IPv6 for either version you’re only seeing ipv4 based traffic