Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[APP][4.2+][2014.02.02] Pry-Fi v1.20 [ROOT]

OP Chainfire

31st January 2014, 07:23 PM   |  #1  
Chainfire's Avatar
OP Senior Moderator / Senior Recognized Developer - Where is my shirt?
Thanks Meter: 54,250
 
9,385 posts
Join Date:Joined: Oct 2007
Donate to Me
More
You are being watched...

A fairly new trend in (for example) retail is tracking customer's movements by snooping Wi-Fi signals. If your Wi-Fi is turned on, even though it is not connected to any network, your phone will periodically broadcast a unique number (the MAC address), as well as all the Wi-Fi network names and addresses it remembers ever connecting to. With newer Android versions this can happen even if Wi-Fi is turned off, due to a feature called "scanning always available", which helps your device better determine its location.

At the very least, businesses can use these signals to track your visits. But these signals can also be used by a malicious entity (store owners, for example) to track your exact physical location in any area under their Wi-Fi surveillance. In a store, this data can be used for optimizing another one of those annoying store re-arrangements, forcing you to walk by all the product you don't want, to get to those you do want. Or detecting products you're tempted by, but ultimately not buying.

Of course they can also track your trip to the register, and couple your device's MAC address to the payment information (and thus many details about who you are). The tracking hardware and software vendors, the store (or chain) owner, their business partners, they can now all track where you are every time you come into range of one of their systems, and fully profile who you are, what you do, your financials, and your daily patterns!

That's just one small example - the possibilities are endless. A crook could hide a tracker at a bunch of houses, and in an automated fashion learn the patterns of everybody living in all those houses, without even having to do any surveillance - picking the ideal time to heist the family jewels becomes trivial. Authorities can use this information to correlate physical evidence with your location as well, and all the nastiness that comes with that.

Not even mentioning that your device's habit of announcing who all it's friends are and their names, makes it easier for hackers to perform a man-in-the-middle attack, tricking your phone to connect to an access point under their control.

Pry-Fi

One solution is shutting off Wi-Fi completely (including the background network scanning), but you would lose benefits like automatically connecting to known Wi-Fi networks and improved location awareness for your apps. It also does nothing to help the situation for others.

Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks. While you are not connected to a Wi-Fi network, the MAC address will constantly be pseudo-randomized, following a pattern that still makes the trackers think you are a real person, but they will not encounter your MAC address again. This will slowly poison their tracking database with useless information.

When you do connect to a Wi-Fi network, unless you specify otherwise, your MAC address will also be randomized - the same MAC address will not be used the next time you connect to this or any other network.

War!

Though of course the companies involved with these trackers claim they wouldn't use the data maliciously, the possibility is there, and we all know that if something can be abused, ultimately it will be. There do not appear to be any laws against these practices yet, nor is it likely Wi-Fi will be redesigned any time soon to get rid of the information leaks.

But we can make an effort to reduce the usefulness of the tracking data for the exploiters. Pry-Fi comes with a War mode, which when enabled tries to make your Android device appear like dozens of people. Just wandering around an area under Wi-Fi location surveillance for a few minutes can ruin the tracking data for the period of your stay.

Proof-of-Concept

This is proof-of-concept code, and how for it will go in the future depends on interest and how well it works. It has been tested on several devices and seems to work, but it is very young still. The magic the app does to achieve its purpose is ever subject to changing Android security policies and OEM customizations, so even though it works now, there really is no saying if it will still be possible in future firmwares.

Download

You can get Pry-Fi from Google Play

If Play is not working out for you, the APK is also attached below

TEST

Attached you will also find a 'beta-test' version. This one is compiled to work on all Android 4.0+ devices (instead of 4.2+ of the current official release). I have made all the changes needed to make it compile and technically run on pre-4.2 firmwares, but I have not tested it on an actual 4.0 or 4.1 firmware yet. Let me know if it works for your pre-4.2 firmware!
Attached Files
File Type: apk Pry-Fi-v1.20.apk - [Click for QR Code] (71.8 KB, 6843 views)
File Type: apk Pry-Fi-v1.21-beta-test.apk - [Click for QR Code] (71.9 KB, 4826 views)
Last edited by Chainfire; 2nd February 2014 at 09:27 PM.
The Following 289 Users Say Thank You to Chainfire For This Useful Post: [ View ]
31st January 2014, 08:14 PM   |  #2  
Chainfire's Avatar
OP Senior Moderator / Senior Recognized Developer - Where is my shirt?
Thanks Meter: 54,250
 
9,385 posts
Join Date:Joined: Oct 2007
Donate to Me
More
Issues
This is a very young app and its main feature is doing something that by all counts no app should be doing - as such, it will probably always have issues.

The app was developed against and tested on the following devices:

- Google Nexus 5 @ Stock+root 4.4.2
- Samsung Galaxy S4 @ Stock+root 4.4.2
- Samsung Galaxy Note3 @ Stock+root 4.4.2
- Samsung Galaxy Note2 @ OmniROM 4.4.2
- HTC One @ Stock+root 4.3 (S-OFF or otherwise writable /system needed)

- Sony Xperia family - NOT COMPATIBLE
- Oppo devices - NOT COMPATIBLE

Note that your firmwares should be fully up to date - that includes the TrustZone component in case of Samsung.

Known issues

- Requires SuperSU ?
It's tested against SuperSU, and uses some features that may not be available in other root management apps. Depending on both your Android and root management app version it may or may not work with other solutions, but I certainly recommend against it.

- Using the Android Wi-Fi settings is weird
Pry-Fi does a lot of event-based Wi-Fi on/off switching and connecting/disconnecting. So if you go to settings and turn Wi-Fi on or off, add a network, etc, the interface may start looking as if it has gone mad for a few seconds. Don't worry, this is expected behavior.

- Connecting to a Wi-Fi network (either a new one or a previously known one) is slower
Yes. Indeed.

- Forgetting networks
You can't just forget a network from the normal Android Wi-Fi settings. If Pry-Fi is enabled, you need to use the in-app network management tool to forget a network.

- Multiple known networks
Since v1.10, multiple known networks should be supported.

- Hidden networks
It doesn't currently work with hidden SSIDs, and it won't in the future.

- Wi-Fi Direct (to-do)
Behavior is undefined. Pry-Fi probably heavily interferes with this. Needs more testing/development.

- Beam, S Share, etc
Some methods that quickly share data between two Android devices that are close, tapped together, etc, make use of Wi-Fi Direct, and may thus be negatively affected by Pry-Fi.

- Authentication errors
If the Wi-Fi settings keep claiming authentication errors, your device may not actually support changing the MAC address, and Pry-Fi may not be for you... this doesn't have to be the issue, but it is one of the indicators.
Last edited by Chainfire; 2nd February 2014 at 12:27 PM.
The Following 69 Users Say Thank You to Chainfire For This Useful Post: [ View ]
31st January 2014, 08:15 PM   |  #3  
Chainfire's Avatar
OP Senior Moderator / Senior Recognized Developer - Where is my shirt?
Thanks Meter: 54,250
 
9,385 posts
Join Date:Joined: Oct 2007
Donate to Me
More
Changelogs
2014.02.02 - v1.20
- Force toolbox calls. Typical case of busybox symlinks causing unexpected failures. Probably the primary cause of people losing Wi-Fi completely
- Service receivers are now en/disabled dynamically. Saves a few CPU cycles and a bit of memory when Pry-Fi is installed but disabled.

2014.02.02 - v1.10
- Support for multiple simultaneously known SSIDs
- Spoofing MACs *also* while connected to a network is now a feature you need to enable separately, as this is the feature that causes most issues yet is arguably the least important tracking-wise.

2014.02.01 - v1.02
- Fixed crash/freeze in case of SU denied
- Changed non-SuperSU error to a warning
- Fixed various reported crashes
- Added Superuser permission (doh)

2014.02.01 - v1.01
- (Hopefully) Fixed an issue with the optional IAP

2014.02.01 - v1.00
- Initial public release
Last edited by Chainfire; 2nd February 2014 at 02:35 PM.
The Following 45 Users Say Thank You to Chainfire For This Useful Post: [ View ]
1st February 2014, 11:15 AM   |  #4  
Chainfire's Avatar
OP Senior Moderator / Senior Recognized Developer - Where is my shirt?
Thanks Meter: 54,250
 
9,385 posts
Join Date:Joined: Oct 2007
Donate to Me
More
--- reserved ---
The Following 30 Users Say Thank You to Chainfire For This Useful Post: [ View ]
1st February 2014, 11:19 AM   |  #5  
0.0's Avatar
Senior Member
Thanks Meter: 2,742
 
5,887 posts
Join Date:Joined: Jan 2010
More
This app only works with SuperSU. Would it be able to work with Koush's Superuser in the near future?

Sent from my Nexus 4
The Following User Says Thank You to 0.0 For This Useful Post: [ View ]
1st February 2014, 11:26 AM   |  #6  
Mr_Bartek's Avatar
Senior Member
Thanks Meter: 399
 
1,190 posts
Join Date:Joined: Jun 2009
Donate to Me
More
Thumbs up
Whilst not its main purpose, it will also work great at airports with time based free WiFi. Schipol uses the MAC address to assign a timeframe to devices.

Anyway, working well on HTC One - 4.4.2.
The Following 9 Users Say Thank You to Mr_Bartek For This Useful Post: [ View ]
1st February 2014, 11:27 AM   |  #7  
Chainfire's Avatar
OP Senior Moderator / Senior Recognized Developer - Where is my shirt?
Thanks Meter: 54,250
 
9,385 posts
Join Date:Joined: Oct 2007
Donate to Me
More
Quote:
Originally Posted by 0.0

This app only works with SuperSU. Would it be able to work with Koush's Superuser in the near future?

Maybe. Currently has to do with some changes to AOSP that haven't fully panned out yet. Once I'm clear on that, I might put in some time to make it work with Superuser. But I'm certainly not going to delay a release to make it compatible...
The Following 5 Users Say Thank You to Chainfire For This Useful Post: [ View ]
1st February 2014, 12:10 PM   |  #8  
adyjl's Avatar
Senior Member
Thanks Meter: 283
 
375 posts
Join Date:Joined: Sep 2012
More
Up and running on my s2 with slimkat. So glad I'm aware of guys like you and the work you do. Thank you.

Sent from my GT-I9100 using Tapatalk
The Following User Says Thank You to adyjl For This Useful Post: [ View ]
1st February 2014, 12:47 PM   |  #9  
spaazm's Avatar
Senior Member
Thanks Meter: 105
 
158 posts
Join Date:Joined: Mar 2012
Just fine here on my Nexus4.

One thing though is that Playstore has v1.00. I've downloaded v1.01 from here and it updated flawlessly. I just thought you'd like to know it.

Anyway thank you for all your hard work to our benefits.

• OMNI 4.4.2 NIGHTLY • AK.042.XGENESIS •
The Following User Says Thank You to spaazm For This Useful Post: [ View ]
1st February 2014, 03:24 PM   |  #10  
cschmitt's Avatar
Senior Member
Thanks Meter: 1,823
 
1,583 posts
Join Date:Joined: Feb 2012
HTC One, CM11, up and running. Have multiple networks at home so can test with that if needed. I'm ready for a little wifi war.

Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes