SandroProxy Takes Android Browsing Privacy Up a Notch
Privacy on the Android platform is a critical issue. From application permissions to browser security, privacy is an ever growing issue that many developers are working to protect. XDA Member SandroBSupp’s latest application, SandroProxy, is just what you need to protect your privacy while using internet traffic.
Upon first opening the application, you’ll be greeted by a screen with three tabs on it: Log, Data, and Apps. Along the top will be some buttons that are fairly self explanatory. The “play” arrow starts the proxy service, the “wrench” opens setting, and the “information” icon processes a request for superuser permissions, which then allows you to view all of your network information. Of course, on ICS the obligatory legacy menu option is available and allows you to clear iptables.
Using the App
Now that the application is open, you’ll have decide what you want to do next:
Non-root users will be able to hit the play button and the application will serve as an SSL MITM proxy (Secure Socket Layer Man-In-the-Middle proxy). In essence the application will intercept HTTP/HTTPS requests on the fly and redirect them to a web server, which in turn modifies both the data sent and received. There’s even an option to use client certificates for this.
Root users on the other hand (which is most of the XDA Android community) have another option available to them. In addition to the MITM proxy service mentioned above, root users also have access to a transparent proxy. This is a network layer proxy that also redirects traffic and performs some routing functions, but only modifies traffic for what is absolutely necessary for proxy identification/authorization. The benefit of this type of proxy in Android is that all traffic globally across the device or only HTTP/HTTPS traffic from specific applications can be redirected. Application-specific traffic redirection is enabled by going to the settings button, enabling the transparent proxy, going back to the main page, and clicking on the “Apps” tab. At this point you should be able to select whether you want to enable/disable either HTTP or HTTPS proxy redirection for each, specific application.
The “Log” tab will of course keep track of your actions and make sure that any relevant data surrounding those actions is displayed properly.
Having used the application for several days, I can honestly say that it does what it purports. While a newer user who is not familiar with networking at all may have a hard time understanding what is going on at first, they should have no issue using the basic services. This application really shines for advanced users who have a clear understanding of how this application works, and who want to take their privacy to the next level by using app specific redirection or custom certificates. In addition, advanced users also have the ability to examine the request/response data that is saved in the applications cache.
The application is based on the WebScarab Project and is free, but ad-supported. All-in-all this is a great program for ensuring data traffic privacy, so head on over to the original thread and give this a go. If you’re a developer looking to modify or contribute to this application, head on over to the Google Code page and have a look at the source.
Want more posts like this delivered to your inbox? Enter your email to be subscribed to our newsletter.