DroidWall: The Aptly Named Android Firewall Solution

Installing Android applications can sometimes be a risky operation. A list of permissions requested by the application pops up before installation, but how many people actually read those? Even if you do read them, they can often leave you puzzled as to why that application needs that permission.

I recently installed a newly-released game on my phone, and, like usual, took a look at the permissions it requested: full internet access (fair enough), read phone state and identity (wait, what? Why would it need that?), and access my location (alarm bells are definitely going off now). Since the game appeared to have fairly decent production values and was free, I was wary that its creators might be using an alternative revenue model, such selling user information to third parties.

Call me paranoid, but I’d rather err on the side of caution. I started looking around for a way to easily log Android network traffic to see if I could discover what data the application was actually transmitting, but stumbled upon something so much better: DroidWall.

VERY IMPORTANT NOTE: DroidWall requires root access to work at all. If you don’t have root, DroidWall will not function.

DroidWall lets you leverage the power of Linux’s iptables using a simple front-end interface. In a nutshell, it lets you block specific applications from accessing the Internet.

Even better, DroidWall is incredibly easy to configure. On the application’s main screen you’re presented with two modes of operation: white list or black list (toggle between the two by clicking on the header where the mode is displayed). When in white list mode, you select which applications you want to grant access to the internet (useful if there are only a few applications you want to give internet access). Black list mode is just the opposite. You select applications that you wish to block (useful when you only want to block access from a few applications). DroidWall also lets you decide on a per-application basis if you want to block 3G, Wi-Fi, or both, which can be useful if want to ensure that data-hog applications aren’t syncing while on 3G.

Once you’ve made your decisions, simply hit the Menu key, enable the firewall (if it isn’t already enabled), and hit ‘Apply rules.’ DroidWall will request Superuser permissions and the rules you defined will take effect immediately.

Be careful when selecting which applications you want to block, as blocking the wrong one could cause your phone to act rather strangely. For example, blocking the Linux kernel would probably be a bad idea.

If you want to be sure DroidWall is working, it also comes with a logging feature that can be enabled in the options menu. The log can be viewed via the ‘Show log’ option, also found in the options menu.

Conclusion

For all I know, the data the application was collecting may have been harmless. Usage metrics are often collected by game developers and studied to try and make the game better. However, since the game was new to the Market and I wasn’t familiar with the publisher, I decided it was best to not take a chance. DroidWall made it easy to use a built in Linux feature to simply block that application from accessing the Internet.

DroidWall can be downloaded for free from the Android market via the QR code below. If you really like it, consider donating at the project’s Google Code page.