FORUMS
Remove All Ads from XDA
Win Honor 9 Lite

keweon Privacy Security - thanks to all keweonDNS Users

622 posts
Thanks Meter: 1,062
 
By MrT69, Senior Member on 29th September 2017, 04:52 PM
Post Reply Email Thread
14th October 2017, 10:07 PM |#11  
Senior Member
Thanks Meter: 1,162
 
More
Quote:
Originally Posted by MrT69

UPDATE:

The current Infrastructure will be upgraded to 10 GBit (!) DNS Server power and much more faster system.

Please notice that the DNS Server addresses will change during the next weeks.
After this upgrade you can spread the system to all of your friends.

Thanks a lot & more will comming soon on the website


...which is currently still under developement...

Working well, but I get 'invalid security certificate' error popup on most pages. Any way to eliminate?
 
 
15th October 2017, 10:31 AM |#12  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 1,062
 
Donate to Me
More
If this URLs are wrong within the blacklist, do me a favor and send them to me to whitelist them.
Copy the URLs from the Browser into a TXT file and send this to. Keep in mind only attachments will arrive. It will help not if you type the addresses or URLs within the mail Body.

whitelist@keweon.center

Doesn't matters if you send 100 Mails per Day because the will automatically processed during the night.
I'm happy for every wrong listed URL. Million thanks in advance for your feedback.

If this is affecting websites which are not false positive than you need to wait a few days. Currently I'm working to terminate all https crap from the advertising side. But therefore it is a must to have the keweon Root Certificate installed. Right now I need to terminate every https error manually.

It is incredible how many poison sites work with HTTPS so it was a need to develope a different solution than doing this always manually. The server installation is in progress but first I need to finalize the tests. Should be done until next weekend.
22nd October 2017, 12:14 AM |#13  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 1,062
 
Donate to Me
More
Update 1:

Please take a look at the second posting. The first 10Gbit DNS Server is online and working. Yeaaahhhhh!!!

Germany:
10Gbit DNS v4: 89.33.16.222
10Gbit DNS v6: 2a01:367:c1f2::448

Of cause it's a shared 10Gbit - but it's in Germany and damn fast. Next month the second 10Gbit in USA will be online. Installation is already in progress.


Update 2:

Today at 3:00 AM (Germany GMT+1) after the daily reboot procedure the entire HTTPS problem is solved.

If you have the keweon Root Certificate installed EVERY (!) HTTPS error is gone. I was developing this procedure since more than 2 yrs and during the last 3 months I have had no additional problems or errors.

The entire HTTPS crap will be terminated and to make sure that this is done from my site, every "keweon termination" is marked with a specific favicon. Sometimes it happens that a site still has a problem with the HTTPS errors even when everything is working on my site. This happens to HTTPS overlays or HTTPS calls with bad coded Java Scripts. If this error happens that you receive a Banner or Overlay with HTTPS error message than please reload the site and the error will never occurs again.
The problem is related to the programmers of the websites. Sometimes I have the feeling that some of them still use FRONTPAGE to develope websites. Anyway, just reload and that's it.

HTTPS traffic termination

Now the big question - is this save?

Absolut! I will terminate only the evil traffic and within the tunnel there are no data. Let's assume I will do this with Paypal - what will happens?
When the URL's "PayPal and PayPalObjects" are on my blacklists than it is not possible at all for you to contact the website. Because of this it is also not possible to grab any input from your site because the login to PayPal would be not longer possible. Please feel so free and track the traffic. I even would help to investigate and help you to take a deeper look inside.


How is it possible?

Please understand that this is a very difficult thing to explain and on the other hand everything what I would release here in XDA is also visible to "the dark side" and they might have the option to do strike against this. Of cause, I will release more informations on the website which will be the next thing during the next 2 weeks. Currently 40 Servers within the Background only working for terminate this problem. Yes, this is a raised middlefinger to the entire & global ads industrie and I'm so damn proud of my solution.

Please remember: The keweon Root Certificate is still not required. If you have concerns than it is OK for me if you do not use it. If you would like to have a clean and "https error confirmation free" Internet than you should to install it. The certificate will be available at: http://pki.keweon.center - the download will start after 3 seconds and you need to install it.


Update 3:

This is the cutest news. Since one month a company was testing the solution and with the "Sophos" appliance it was possible to configure it within a way that the local installation of the "keweon Root Certificate" was not longer required.

I guess Sophos will not realy notice me but from today I can say that keweon official supports the "Sophos Appliance". The tutorial is in progress and as soon as this is finished I will release it. I hope I will get more instructions from your side how to mange this with other Systems. (CISCO, Checkpoint, PaloAlto and other heavy firewall and security systems)
The Following 3 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
22nd October 2017, 11:24 PM |#14  
Senior Member
Thanks Meter: 1,162
 
More
I like this concept and want to keep testing. Here's my issue - for some reason, activating design change causes very slow loading speed. Same on WiFi or mobile. I have entries active for ipv4 and ipv6. For ipv4, the first set of numbers in post 2 won't work. Dns changer shows red line in entry field, (bad numbers). So, I'm using the second set, (starts with 51.254...). For ipv6, I'm using the first set. They work fine, but cause it to take 10-20 seconds to load a page. It seems like it gets better the more I browse, but still will take 5-10 seconds to load just about any page, and when I open up dns changer and hit 'stop', it is automatically faster, no more lag.

I wondered at first if it was a conflict with other tweaks and mods, (I have build prop tweaks, and AFWall app, etc), so I undid everything and tried again, but the same. I use Naked Browser almost exclusively, but tested with AOSP browser also, and no different.

Any ideas? Thanks
23rd October 2017, 05:05 AM |#15  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 1,062
 
Donate to Me
More
Quote:
Originally Posted by levone1

I like this concept and want to keep testing. Here's my issue - for some reason, activating design change causes very slow loading speed. Same on WiFi or mobile. I have entries active for ipv4 and ipv6. For ipv4, the first set of numbers in post 2 won't work. Dns changer shows red line in entry field, (bad numbers). So, I'm using the second set, (starts with 51.254...). For ipv6, I'm using the first set. They work fine, but cause it to take 10-20 seconds to load a page. It seems like it gets better the more I browse, but still will take 5-10 seconds to load just about any page, and when I open up dns changer and hit 'stop', it is automatically faster, no more lag.

I wondered at first if it was a conflict with other tweaks and mods, (I have build prop tweaks, and AFWall app, etc), so I undid everything and tried again, but the same. I use Naked Browser almost exclusively, but tested with AOSP browser also, and no different.

Any ideas? Thanks

Thanks a lot for the feedback.
The problem is related to the latency of my current VPS. That was one of the main reason why I would need to find an Investor. The entire system needs to be run from a physical Host but this will need an Invest for 200.000 Euro per year. 20 GBit Server located within 16 Countries world wide. Would be so cute but they wanted that I collect data from users to sell this. I guess you can imagine what my answers was to this stupid idea.

Anyway... I guess I have an idea. First at all, which county/city you are located? If you don't want to make this public send me a short PM.

Thanks a lot for your support. I'm pretty sure I will find a solution 😉



Btw... Anyone else with this problem? Send a short PM with your Country/City.
23rd October 2017, 07:11 AM |#16  
Ksathral's Avatar
Junior Member
Thanks Meter: 5
 
More
Thank you very much, it works very well.

I do have a small delay from 5 up to 15 seconds on an initial connection but after the webpage is loaded there is no more delay and often faster than without the dns.

For me its not a big issue, I did pm you with my country and city in case it may be if help for you.
The Following User Says Thank You to Ksathral For This Useful Post: [ View ] Gift Ksathral Ad-Free
24th October 2017, 06:53 AM |#17  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 1,062
 
Donate to Me
More
MILLION TIMES THANKS TO ALL OF YOU
FOR YOUR SUPPORT & TRUST INTO KEWEON


Today I received the first f/p blacklist settings and this will be in place tomorrow morning 03:00 AM GMT +1 (German Time). Good to see that the system is in use.

With the help and testing from a view users it seems the current DNS Servers are to slow. I will change the public front end infrastructure. I will anounce this bevore to prevent interruption.

But keep in mind!

I'M NOT GOOGLE OR ANY OTHER DNS PROVIDER WITH A BILLION EURO BUDGET!

Unfortunately I don't have the money to do what I want but I guess this is anyway the best solution which is currently available. I need to host everything on VPS which is from the technical point of view not the best solution because of a high latency. I'm working on this, still think about Investor or Crowdfunding or anthing like this. But first at all I want to have a usable system and a pretty website in place.

That will finally mean that the launch of the website is still in progress - sorry folks - but I guess it is more important that the system will be fast as possible and stable.

OFFER:
If someone of you is interested to take over the responsiblity/administration of the keweon forum - let me know. I'm fine with nearly 8 programming languages but this phpBB3 Board drives me crazy. This is not my world. I appreciate every help and support. My english is not longer the best and my wife would kill me if I would do this also because the technical support of the system needs already a lot of time.

Contact me via PM if you are interested.


MILLION TIMES THANKS AGAIN!
The Following 4 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
27th October 2017, 08:16 PM |#18  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 1,062
 
Donate to Me
More
New & faster Servers are online. Feel so free to use it, test it, share it to your friends and wherever you want.

Click here for current DNS Server List

Please test each of the server. Someone from US reportet that UK and NL DNS Server has a damn good performance within USA.
If someone of you have contact to ASIA please let me know what's about the Japan DNS Server.

@Rom DEVS
If you are interested to add the keweon Certificate by default to your ROM you're welcome.
This has the advantage that there is no need to assign a PIN to the device if you place the Certificate by default into the Certificate Store.


Btw, the website is already in progress and I hope you will visit it when it's done.
The Following 4 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
27th October 2017, 09:15 PM |#19  
bond32's Avatar
Senior Member
Flag Franklin
Thanks Meter: 238
 
More
Really excited about this.

Looking into ways to change the dns on Android with root access, any ideas?
27th October 2017, 09:25 PM |#20  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 1,062
 
Donate to Me
More
Quote:
Originally Posted by bond32

Really excited about this.

Looking into ways to change the dns on Android with root access, any ideas?

Use this App. No Root required. The app is a fake VPN App.
This will mean it will also work in 3G/LTE Mode and it's Open Source available at Git Hub.

Not my App. But I also use this outside.

https://play.google.com/store/apps/d...erd.dnschanger

Enjoy it!
The Following 2 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
27th October 2017, 09:38 PM |#21  
bond32's Avatar
Senior Member
Flag Franklin
Thanks Meter: 238
 
More
Quote:
Originally Posted by MrT69

Use this App. No Root required. The app is a fake VPN App.
This will mean it will also work in 3G/LTE Mode and it's Open Source available at Git Hub.

Not my App. But I also use this outside.

https://play.google.com/store/apps/d...erd.dnschanger

Enjoy it!

Thanks, I had this primed and ready, but was curious if a root-access alternative provided additional functionality. More functionality than just the VPN icon disappearing...
Post Reply Subscribe to Thread

Tags
adblocker, dns

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes