There's lots of talk lately about leaky apps: Angry Birds and Google Maps are among the smartphone apps accused of informing the government all about who you are and what you've been up to, as Nick Statt reported late last month.
A recent blog post by Serge Malenkovich of the security firm Kaspersky Labs questions the need for the latest version of Facebook's Android app to automatically access your SMS messages to facilitate the service's two-factor authentication.
Granted, Facebook and other app developers have perfectly legitimate reasons for wanting automatic access to your phone's network connection. That doesn't change the fact that there's a mountain of data being sent from your phone: some of it going to parties you know about, and some of it heading for parts unknown.
In the past, the only way to install a firewall on an Android phone was to "root" the device. This entails granting yourself root permissions, which Lifehacker compares to using Windows as an administrator rather than as a standard user.
Grey Shirts' NoRoot Firewall works without requiring that you root your Android phone, as the name implies. The program lets you grant or block access to your phone's apps one at a time. The developer claims you don't have to disclose your location or phone number to use the firewall.
The first time you open the app you're prompted to enable the virtual private network connection. You're warned that you're granting the program permission to intercept all network traffic, so you should do so only if you trust the program.
Once the firewall is active, apps attempting to access the network are listed on the Pending Access tab. Press either Allow or Deny for each app.
Many system components are granted access by default and are shown on the Apps tab. Check boxes next to each entry let you allow or block the program's access to your wireless network and/or your cell network. Press an entry to show more information about the app, including the date and time, IP address, and domain name.
Give apps network access only on demand
NoRoot Firewall's filters let you grant or block access based on IP address, host name, or domain name; I didn't test this feature. I used the firewall to block all apps on the Android phone and then grant access one at a time. I also granted and then revoked access to two e-mail apps and a news site. In my limited testing, the program worked without a hitch.
It doesn't take long for the pending access requests to pile up, but neither does it take much time to work through the list to grant or deny access to the apps.
Whether Android phones need a firewall is an open question. After a couple of days of using NoRoot Firewall, it appears that having one doesn't cause any problems, once you've convinced yourself that you can trust the developer with access to all the data being transferred to and from your device.
(Note that the NoRoot Firewall page on Google Play indicates that the program may not work on LTE networks.)