Project Fi Security on Open WiFi Networks - Nexus 6 Q&A, Help & Troubleshooting

This is a pretty simple question but I can't seem to find the answer anywhere on the internet. I'm sure any Project Fi user can answer easily...
So I understand how Project Fi works with the free WiFi hotspots that they have verified as “fast and reliable.” It connects to them seamlessly and secures it with a VPN. My question is about what happens with other open WiFi networks that are not on Google's magic list. Obviously you would have to connect manually since it's not a "verified" network, but once you are connected does Google still route your traffic through a VPN? Or are you on your own? I'm always weary about connecting to open WiFi networks when I'm traveling, but I'm too lazy/cheap to set up proper SSH Tunneling or a VPN. It would be great if Google left the VPN functionality there when you manually connect to an unsecured network. I doubt it, but figured I'd ask.
While I'm at it, I was also curious about the prevalence of these "verified" WiFi hotspots. Google's Project Fi coverage map shows you the 4G/3G/2G coverage and that is all well and good. But it seems that the important thing from a money-saving standpoint is how often is it going to be able keep you on WiFi vs cellular data. It would be great if they had a separate map (or a layer you could turn on in the existing map) to get a feel for how often you can expect to be on WiFi. Anyone have a good feel for how prevalent these things are really? This is especially important because I'm coming from Verizon where 4G LTE coverage is better than the combined Google Fi coverage. The Google Fi 4G LTE coverage is maybe a quarter of the Verizon 4G LTE coverage.
Thanks in advance.

My understanding is if you don't get the key icon in the status bar, you are not on Google's VPN. It would be up to you to use something like TunnelBear or OpenVPN's Private Tunnel. I agree it would be great for them to make their VPN available or at least natively support TAP in Android
This is from a moderator at the official Google+ Project Fi Community:
Currently, the Google VPN is only supported for those where WiFi Assistant is used. This means that the VPN will only kick in when your device automatically connects to WiFi networks that Google has verified as reliable and secure. When the VPN is kicked in, you'll notice a little secure key icon next to the WiFi status indicator.
To answer your second question, there is currently no list or coverage map of the verified WiFi hotspots, but it has been requested. Be sure to also add your voice by sending feedback via the Fi app.
I hope this information answers your questions! I'm here if you have any more.
Click to expand...
Click to collapse

crachel said:
My understanding is if you don't get the key icon in the status bar, you are not on Google's VPN. It would be up to you to use something like TunnelBear or OpenVPN's Private Tunnel. I agree it would be great for them to make their VPN available or at least natively support TAP in Android
This is from a moderator at the official Google+ Project Fi Community:
Click to expand...
Click to collapse
Yea that's pretty much what I figured. If it used VPN everywhere it MIGHT be worth it for me to drop my Verizon unlimited because the VPN service would pay for itself. Or if they had a coverage map of these verified Wi-Fi networks so I could at least know what I'm getting into. Seems like a little too much of an unknown for me to jump ship right now knowing I can't ever get back.
Thanks for the information.

sorry, old thread, but i figured it'd be better than creating a new one...
i finally got signed up for fi on my 6p. (op, in case you're still wondering i haven't encountered any of those open hotspots in my hometown yet) My question is, can i somehow force the vpn to enable, even on networks i have to sign in to? (thinking of home, campus wifi, etc)

Related

Google locat your position with WI-FI

I went on google maps today with my wifi on and it found my position to within about 30 meters!!!!!!!
So i turned wi-fi off and it found my position to within 500 meters!
i didnt know google can locate your position through the WI-FI network that you are connected to? or is something else in play here because the GPS was not on and it only found me that close when i had my wi-fi on!
Confused!
As far as a have red Google Maps can locate you on all three GPS, mobile phone connection and WIFI, thought i fail to see how they do it with WIFI...
Also i still don't know how they do it with mobile phone connection either.
I mean i understand technicaly, but does googlemaps make request to mobile provider for location data, or just send normal data packaged and finds out by those? I would realy like to know...
Google Maps has access to the phone, it's not Google who's finding out where you are. 3G connection and GPS should be clear. WIFI might work using the IP Address, but I don't think you'd get such an accuracy. Strange!
Firefall! said:
Google Maps has access to the phone, it's not Google who's finding out where you are. 3G connection and GPS should be clear. WIFI might work using the IP Address, but I don't think you'd get such an accuracy. Strange!
Click to expand...
Click to collapse
Yea i am baffled and slightly scared! If people can get my position that exact with my ip address!! Plus i always though it found ur location with cell towers by known which towers u were connected to and where they are located
comeradealexi said:
Yea i am baffled and slightly scared! If people can get my position that exact with my ip address!!
Click to expand...
Click to collapse
It shouldn't be possible. Maybe it was coincidence.
comeradealexi said:
Plus i always though it found ur location with cell towers by known which towers u were connected to and where they are located
Click to expand...
Click to collapse
That's what "they" can do. Actually your phone does it. Google doesn't know unless you send them the information.
I don't think its your ip address, coz my isp uses transparent proxies yet google can still trace my location
so how does it do it then! lol
comeradealexi said:
so how does it do it then! lol
Click to expand...
Click to collapse
Was it a public hotspot?
Firefall! said:
Was it a public hotspot?
Click to expand...
Click to collapse
nope just my home router - looked up ip on ip finder and that was miles and miles away
http://mashable.com/2009/07/09/google-maps-location/
They actually drive around scanning for Wi-Fi networks and plot their location, and that way your location can be determined by the available Wi-Fi networks.
To pinpoint location, XPS uses a massive reference network comprised of the known locations of tens of millions of Wi-Fi access points and cellular towers. To develop this database, Skyhook has deployed drivers to survey every single street, highway, and alley in tens of thousands of cities and towns worldwide, scanning for Wi-Fi access points and plotting their precise geographic locations.
Click to expand...
Click to collapse
[http://www.skyhookwireless.com/howitworks/coverage.php]
Not sure if the Google Maps application uses Skyhook's database, but it basically works like this.
jjm34 said:
They actually drive around scanning for Wi-Fi networks and plot their location, and that way your location can be determined by the available Wi-Fi networks.
[http://www.skyhookwireless.com/howitworks/coverage.php]
Not sure if the Google Maps application uses Skyhook's database, but it basically works like this.
Click to expand...
Click to collapse
wow - thats kinda scary! Too bad it doesnt work on the desktop version! So if i changed my SSID would it stop being able to find me or does it do it through ip or summit - still thanks for the info! Thanks harveydent for the link too

What, exactly, is the AT&T Hotspot app?

I'm new to the world of AT&T smartphones (having owned an LG Shine now for a few years) and just ordered my Aria a few days ago. It's slated to arrive tomorrow.
In the meantime, I've been taking peeks at the root/patch development process that's going on over in the dev forum. And the developer who's spearheading that effort, has stated that his first attempt strips out ALL of the AT&T bloatware, including the AT&T Hotspot app.
I didn't think it was appropriate to ask the newbie question over there, so instead I've come here: what exactly IS the AT&T Hotspot app? Is it something that's vital to the functioning of wi-fi on the device? Or is it just something that helps you connect to AT&T's proprietary, public wi-fi networks?
Thanks,
Corporate Dog
There are 1000's of wifi hotspots that AT&T provides in popular businesses. The Hot Spot app will tell you where to find them in your local area. Mcdonalds, Starbucks, Barnes and Noble are a few of the included spots when I search my local area.
its doesn't use your location and forces you to type in your city it is much less effort to just go to google maps on the phone and type in hotspot
Basically, here's poor man's hostpot program: Go to Google Maps and create layers that would contain Starbucks, B&N, and McDonald's stores. Voila!
The jury is out, however, on McDonalds. I haven't been able to establish a connection at any single I tried around NYC. Either there's no ATTWIFI at all, or the connection is established but no traffic goes thru.
McDonalds HotSpot
Most of the ones here in Chicago work but first you need to visit there splash page agree to the terms and donate your extra email address
Besides being able to find hotspot locations via the application, the AT&T Hotspot actually runs as a service (WispService) automatically if you have it installed. If you try to get onto one of the AT&T WiFi networks, it will generally prompt you via notification (in the top left corner of your screen) validating your access to the hotspot. This would replace the agree to terms checkbox via the startup webpage if you didn't have the service running. The Hotspot app may also allow you to get onto AT&T customer only hotspots. The service I found only worked on stock-based ROM's and not Cyanogen.

Does N1 share gps over wifi tether?

I got an iPad the other day, and have been using the tethering ability of N1 with CM6.1rc1 while at work. I have the basic wifi iPad,that does not have gps built into it, but it is able to pull location data from wifi. While on my homes wifi, google maps shows my location about 300 Feet from my actual location, but while at work using my phone for wifi, it's much more accurate, only off by about 30 feet or so. So does my N1 share the gps location over the wifi when tethering is turned on?
Nope... Just means that the location services being used by the ipad know what wifi is near your office better...
Sent from my Nexus One using XDA App
My Guess is that its based on your external IP. Something like this http://www.ip2location.com/free.asp
Google actually records the location of your wifi network, when you use things like latitude.
When I moved from Australia back to New Zealand for about a month whenever I was connected to my home wifi router, google said my location was in australia (because that was the same router I was using in australia).
Even though I had changed the ssid etc, I still had to wait for google's servers to realise I had moved. So I guess they record the location along with the mac address for the router.
britoso said:
My Guess is that its based on your external IP. Something like this http://www.ip2location.com/free.asp
Click to expand...
Click to collapse
Just gave that a try, and I'm guessing that's not it. It shows my location 10 or 15 miles away from my actual location.
daijizai said:
Nope... Just means that the location services being used by the ipad know what wifi is near your office better...
Sent from my Nexus One using XDA App
Click to expand...
Click to collapse
Is it able to pull location data from wifi networks that are not even visible to me?
I used to tether my iPod Touch to my Androids before it was stolen. Same idea, I think it just looks for all the wi-fi MAC addresses nearby and triangulates a probable position. If the network you're connected to is not in its database (and inevitably, the MAC address of a tethering phone won't be), then it just sniffs out all the other surrounding wi-fi networks. So whatever networks are visible from your office, they are already in the Skyhook database.

Free wifi authorisation types

We want to give to our client's unlimited access to our(not it's) worldwide Wi-Fi database and tests surrounding wifi networks before taking you off 4G
If you want to share your knowledge or take participation in discussing the trouble with the authorization for the free Wifi, we will be happy to hear from you.
This feature is on by default and constantly scans available wifi networks as a background process. When it finds a quality wifi network, it will check to see if our crowdsourced password database contains a password for it. If a password matches, Nommi will try to connect, testing the speed of the network without interrupting your current cellular connection. Once everything Ok only then Nommi starts to route your traffic over public wifi. Ultimately this feature saves your cellular data allowance. As a Nommi user, you do not only have access to a large existing database of passwords, but you can also help curate this global database and share passwords with others by adding them via the app.
For now, we are planning to create the module that will automatically authorize you with wifi coverage working on code logic.
Authorization and the addition of a new wifi will be separate as an application on Android. So by the application, you can connect to the open wifi coverage without hustle.

New Pixel 5 - want to enable Hotspot on Verizon (without their limitations)

I've got a pay-as-you-go account while I try Verizon out in my area. Unfortunately when I turn on hotspot no actual data is passed to the connected devices. I can connect to the phone, but the device I connect with tells me there's no internet. I remember Verizon wanting me to upgrade to yet another level in order to have hotspot allowed.
I've looked around on here and can't find anything related to bypassing this bull****. Can someone point me in the correct direction?
Thank you!
pdanet! you'll need to install it on both the phone and the computer you are connecting to it. it doesn't work on things like roku or streaming devices.
I use it all day every day and have for a year now. blazing fast.
i'm sure there's other solutions, but this is the one that works perfect for me.
bubbyj said:
pdanet! you'll need to install it on both the phone and the computer you are connecting to it. it doesn't work on things like roku or streaming devices.
I use it all day every day and have for a year now. blazing fast.
i'm sure there's other solutions, but this is the one that works perfect for me.
Click to expand...
Click to collapse
I appreciate the advice, but I want to enable hotspot so I can share it with ANY device without the need for doing anything on the other device to connect (other than a password. But thank you though
armyturtle said:
I appreciate the advice, but I want to enable hotspot so I can share it with ANY device without the need for doing anything on the other device to connect (other than a password. But thank you though
Click to expand...
Click to collapse
Used to be if you were rooted you could use a magisk module to do this.
You can use VPN Hotspot. But I think you need to use a real VPN service alongside it.
armyturtle said:
I appreciate the advice, but I want to enable hotspot so I can share it with ANY device without the need for doing anything on the other device to connect (other than a password. But thank you though
Click to expand...
Click to collapse
Probably out of luck then. I know of no solution.
The only other option you have is to do the pdaNet+ on your computer, and then use your computer as an adhoc hotspot. You'll probably only be able to blast out about 50% of the speed that you draw on your phone going through two hops. But its likely the only solution you can use. And it'll only work on a PC, not a Mac.
Sorry bud.
Maybe I'm missing something here but if you're on a pre-paid plan to try out service, what does the hotspot functionality tell you? Hotspot will give you the same speeds as your existing device so long as you're not subject to any hotspot caps per the terms of service. I have 15 GB of full speed hotspot data on my plan and when I connect a device it is no different than the phone connection. Once I hit the limit then it is of course stupid slow ~600 kbps I believe. I only really use it when traveling to keep the toddlers entertained.
l7777 said:
Maybe I'm missing something here but if you're on a pre-paid plan to try out service, what does the hotspot functionality tell you? Hotspot will give you the same speeds as your existing device so long as you're not subject to any hotspot caps per the terms of service. I have 15 GB of full speed hotspot data on my plan and when I connect a device it is no different than the phone connection. Once I hit the limit then it is of course stupid slow ~600 kbps I believe. I only really use it when traveling to keep the toddlers entertained.
Click to expand...
Click to collapse
You are missing it. I want to utilize my pay-as-you-go (not prepaid) plan, which has "unlimited" data, to give data to the other devices around me... my tablet, kids devices, etc. Been able to do this without limitation with my Google Fi pixel and account since they've offered Google Fi as a service. Simply click the hotspot icon to enable and everyone can connect to my phone like it's regular router, period. I don't want to give yet more money to Verizon to be able to do this. If I'm already paying for unlimited data once, it's none of their business how I utilize it; and screw their TOS.
Adb commands may work for you. I'll need them for sprint.
Adb set global tether_dun_req 0
Also try a custom OS or locked bootloader? I don't remember the exact command but if you google that you'll find it
armyturtle said:
You are missing it. I want to utilize my pay-as-you-go (not prepaid) plan, which has "unlimited" data, to give data to the other devices around me... my tablet, kids devices, etc. Been able to do this without limitation with my Google Fi pixel and account since they've offered Google Fi as a service. Simply click the hotspot icon to enable and everyone can connect to my phone like it's regular router, period. I don't want to give yet more money to Verizon to be able to do this. If I'm already paying for unlimited data once, it's none of their business how I utilize it; and screw their TOS.
Click to expand...
Click to collapse
I certainly agree with your sentiment that unlimited should be unlimited but as we all know by now that ship has sailed. You were aware of the limitations when you signed up for service. Lots of things are possible but restricted by an authority of some sort. That said, you may be able to do what you want but there will be hoops to jump through. It is foolish to expect a one click solution when you are explicitly attempting to bypass the known restrictions.
PDA Net is one such option.
Funneling the tethered traffic through a VPN is another as suggested above.
I'll make the assumption that you wish to do this while at your home and mobility is less of a concern. The below should effectively be able to turn a phone into a home internet connection.
You will need a USB-C dock with ethernet port, the VPN Hotspot app, and a router that will run OpenWRT
Configure OpenWRT to mangle all outgoing packets with a TTL of 65
Connect the WAN port of the router to the ethernet port of your dock
Use the VPN Hotspot app to tether with the ethernet connection
See if your devices can access the internet
This is based off what I know about how Verizon and many other mobile carriers detect tethered devices. The key is the TTL of outgoing ethernet packets. TTL is decremented at each router hop. From the phone packets always have a TTL of 64. When another device connects via the hotspot the packets will be seen by Verizon as having a TTL of 63. Thus they will deduce that it is a tethered device and limit the traffic. The usual disclaimers apply. I take no responsibility for the consequences of following or attempting to follow my instructions.
Can you believe its legal for a company separate from the manufacturers and even distributors of these device to place restrictions on hardware you own for the sake of profit? Its abusive and embarrassing. (Unless you leasing, then you making me sound stupid as hell)
Code:
adb shell
settings get global tether_dun_required
If you get null or 1 response:
adb shell
settings put global tether_dun_required 0.
try this my friend
l7777 said:
I certainly agree with your sentiment that unlimited should be unlimited but as we all know by now that ship has sailed. You were aware of the limitations when you signed up for service. Lots of things are possible but restricted by an authority of some sort. That said, you may be able to do what you want but there will be hoops to jump through. It is foolish to expect a one click solution when you are explicitly attempting to bypass the known restrictions.
PDA Net is one such option.
Funneling the tethered traffic through a VPN is another as suggested above.
I'll make the assumption that you wish to do this while at your home and mobility is less of a concern. The below should effectively be able to turn a phone into a home internet connection.
You will need a USB-C dock with ethernet port, the VPN Hotspot app, and a router that will run OpenWRT
Configure OpenWRT to mangle all outgoing packets with a TTL of 65
Connect the WAN port of the router to the ethernet port of your dock
Use the VPN Hotspot app to tether with the ethernet connection
See if your devices can access the internet
This is based off what I know about how Verizon and many other mobile carriers detect tethered devices. The key is the TTL of outgoing ethernet packets. TTL is decremented at each router hop. From the phone packets always have a TTL of 64. When another device connects via the hotspot the packets will be seen by Verizon as having a TTL of 63. Thus they will deduce that it is a tethered device and limit the traffic. The usual disclaimers apply. I take no responsibility for the consequences of following or attempting to follow my instructions.
Click to expand...
Click to collapse
Yeah, again, I do appreciate your efforts to help. And no, I am not concerned about stationary setup... I do want to be able to be mobile. Also to clarify I never said I was expecting a "one-click" solution; that is another assumption you made. I'm familiar with linux and also have used the xposed modules in the past to bypass restrictions before on other mobile devices - such as apps detecting GPS spoofing. I used to use an exposed module and had some commands to enter to hide the GPS spoofing from the OS. Worked a treat actually.
I'm going to try Andrew2432's suggestion. Thank you again though - I do appreciate it.
armyturtle said:
Yeah, again, I do appreciate your efforts to help. And no, I am not concerned about stationary setup... I do want to be able to be mobile. Also to clarify I never said I was expecting a "one-click" solution; that is another assumption you made. I'm familiar with linux and also have used the xposed modules in the past to bypass restrictions before on other mobile devices - such as apps detecting GPS spoofing. I used to use an exposed module and had some commands to enter to hide the GPS spoofing from the OS. Worked a treat actually.
I'm going to try Andrew2432's suggestion. Thank you again though - I do appreciate it.
Click to expand...
Click to collapse
You'll have to let us know if it works. I'm skeptical knowing how they identify tether traffic on my account. You can alter the TTL on the devices that connect to the hotspot but that has to be done on all the devices.
donlu30 said:
Used to be if you were rooted you could use a magisk module to do this.
Click to expand...
Click to collapse
That's what I do on Sprint/T-Mobile, root + Magisk hotspot/tethering module.
Well mines caught and I've tried everything. Editing build props with magisk, dun required set to 0, even the tethering module. When I tried to install lineage my esim wouldn't download. Pretty upset about adhoc pdanet right now. Especially since it cuts out constantly and it cuts out my 5g. Real mad.
andrew2432 said:
Well mines caught and I've tried everything. Editing build props with magisk, dun required set to 0, even the tethering module. When I tried to install lineage my esim wouldn't download. Pretty upset about adhoc pdanet right now. Especially since it cuts out constantly and it cuts out my 5g. Real mad.
Click to expand...
Click to collapse
As I noted, I don't expect they are relying on your phone settings to detect/block tethering. There are ways of detecting the traffic on their end. Those things are what you'll need to mitigate.
I think with tmobile/sprint the culprit is an extra apn setting that is the hotspot connection. Get rid of that sucker, might have something. Gonna make me mad real quick
Anyway... none of that worked and in the end I gave up and just changed to the "Do More" plan. It's $70 but at least it let's me tether. Verizon wins... Thx guys.
armyturtle said:
Anyway... none of that worked and in the end I gave up and just changed to the "Do More" plan. It's $70 but at least it let's me tether. Verizon wins... Thx guys.
Click to expand...
Click to collapse
I got mine working. I don't pay for actual internet because of unlimited data. What was the issue with yours? It wouldn't turn on or it wouldn't transmit data once turned on? We can fix won't turn on in seconds with magisk and then hidepropsconfigs module. Install it and use a terminal emulator to add the line "net.tethering.no provisioning=true" to your build prop and it will unlock it.
If its APN related we can fix that too. Just need to mount your system folder and delete all apns, then input your own specified APN with dun added to the type.
No f***** way are they gonna make me pay to use my device as designed

Categories

Resources