Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Optional Whitelist Mode #432

Open
GfEW opened this issue Oct 27, 2024 · 0 comments
Open

Optional Whitelist Mode #432

GfEW opened this issue Oct 27, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@GfEW
Copy link

GfEW commented Oct 27, 2024
edited
Loading

(Note)My search for similar issues has brought up #395 which suggests an one-time deny-all. The improvement laid out below goes beyond, it offers a default toggle that applies to new and existing apps alike, which then can be overridden as desired.

Is your feature request related to a problem? Please describe.

For trackers specifically, TC offers excellent, fine grained, descriptive control.
For internet access entirely, it allows to toggle allow/deny for one (existing) app at a time.
Alas, there doesn't seem to be a whitelist option in TC to deny internet access by default.

In NoRootFirewall or NetGuard, although generally less sophisticated, there's this basic option that enables you to effectively block all apps except those you explicitly want - and trust - to go online.

Unfortunately, neither of those firewalls provides anything near TC's depth of insight into tracking.

Rationale One could argue that you either "do" or "don't" trust an app, and you're supposed to only install apps that you **do** trust, so you're fine with them going online and doing whatever they do (minus tracking), right? That argument, however, is either very naive, or very limiting regarding the set of suitable apps. For many apps, your level of trust in them running offline, only, may indeed be significantly higher than your level of trust in them also going online.

As of 2024.01.03, the only approach I can see in TC‌ is a real hassle:‌ You have to manually go through the entire apps list and tap the icon of every concerned app, one by one.

Whenever you install a new app, this approach doesn't even help at all - unless you make the effort to previously download the .apk (without installing), then enter flight mode, then install it, then find it in TC and deny its internet access, and finally, leave flight mode again. Go figure!

Chainloading TC with another local VPN firewall doesn't work, either, as Android supports only one VPN at a time.

Describe the solution you'd like

In Settings --> Options,
provide a toggle Whitelist Mode (or Offline by Default, Deny Internet by Default etc.),
with an help text along these lines:

Deny internet access by default. Applies to new and existing apps. Unless overridden, this causes all apps requiring internet to break.

Additional remarks

This improvement would already make a big difference if it applied to new apps, only.

After all, you can adjust all existing apps - it's a tedious, but one-time task. However, if every single new app install requires hilariously convoluted workarounds just to keep the app offline at first start, that's easily a show stopper. - I, for one, am sticking with another local VPN firewall for this sole reason, and I doubt I'm the only one who'd eagerly switch to TC if this was resolved.
@GfEW GfEW added the enhancement New feature or request label Oct 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GfEW