World’s First True Firewall for Android Just Launched

by: Darcy LaCouveeMay 4, 2011

We’ve always been big proponents of security here at Android Authority, and talked about the Security Architecture of Android in a piece previously. There’s been a lot of discussion lately about the level of security on Android and the iPhone, and for good reason. Most of us have a significant amount of personal information on our mobile devices, and mobile security is likely to become an even bigger deal then it is currently. Most recently it was revealed by security researchers that the iPhone can potentially track the location of the user for a whole year, and transfers the log over an owners computers in an unencrypted file. Not to mention, the apps you install on your Android device send information back to the developers – and from their it can’t really be known what is done with it.

Thankfully, the development community has spoken, and an ingenious app from the developers at Whisper Systems have come up with a brilliant piece of software that gives you control over a dynamic firewall, with real-time connection monitoring, giving you unprecedented control over where your data is going and what your apps are doing., and the ability to restrict apps from sending out any information at all.

Security expert, Moxie Marlinspike launched the first dynamic Android firewall today, called Whisper Monitor. It monitors all outbound connection attempts by installed apps and the operating system, giving users a good idea of what’s going on with their phone.

“WhisperMonitor is essentially a small firewall for Android devices that allows users to restrict the behavior of any installed app and make decisions about what they want apps to be able to send to publishers and other third parties,” said Marlinspike.

Finally, a firewall for Android

WhisperMonitor provides a software firewall capable of filtering and real-time connection monitoring, giving you control over where your data is going and what your apps are doing. The app also includes access to the company’s existing WhisperCore security platform for Android, which provides platform-level encryption for Android devices, as well as some other security features. Additionally, both are offered for free.

Here’s what it can do:

Dynamic egress filtering.

When enabled, WhisperMonitor will monitor all outbound network traffic and issue dynamic prompts in order to determine egress filter rules.

Simple rule management.

WhisperMonitor provides a simple interface to modify or update rules defined by application.

Connection history.

WhisperMonitor optionally records the connection history of the software installed on your device, giving you insight into where it is connecting and how often.

How it works

If users think an app is accessing something that it shouldn’t, they have the option of blocking URLs or port numbers accessed with it. Users can also set firewall rules for individual apps and even provide connection history for apps on the phone.

We highly recommend you check this app out, so if you think that your phone is sending out data that it shouldn’t, or you want some extra protection for the files on your phone, head over to the WhisperSystems website to download WhisperMonitor for your Android phone.

Via: Threatpost

  • Ben

    Nothing was mentioned in the article about the software being only for the Nexus One and Nexus S. It’s not for “Android” if it only supports two phones.

  • Trebor

    Check out question 14 on their FAQ at

    It’s a custom ROM, no doubt with iptables built into the kernel. So, for the sake of “improving” security, you have to give this relatively unknown (at least, this is the first I’ve heard of them, maybe they’re more known by those who keep closer track in the Android world) company COMPLETE control of your device. No thanks.

  • Adam

    this seems like the same thing as droidwall with iptables been on the market for years first firewall lmao not

    • oinker


  • Firewalls block inbound connections. This monitors and blocks outbound connections. Even back early 90s, when reverse firewalls were more common, they were not implemented this way. They were implemented like regular firewalls with the ports switched. This appears to be implemented via changes to the kernel instead. This part isn’t a critism of the product, the prouduct website does not claim that this is a firewall.

    It makes sense that the only way to do this for both Linux and Dalvik applications, is to do it at the kernel level. That is machine dependant though, so we need to wait until it’s implemented for our devices. This product may be a better fit for corporate Android computers, assuming that the corporation is purchasing identical Android handheld devices. Hopefully that’s what will happen, and this won’t give Big Brother any ideas.

  • EddieT

    This apk No longer Available for download/use :(
    Try DroidWall an Android Firewall (needs root)

  • Guest
  • Someone