DOH (DNS Over HTTPS) Server App - Prerelease Version
By courtesy of Daniel (Frostnerd) the current and brand new DOH Sever App. This version does not yet contain any functions (e.g. start at boot etc.), but is completely re-encoded.
As usual, this app does not contain advertising, tracking, home calls or whatever. We certainly wouldn't recommend it to you if that were the case. And of course, this App is opensource too.
https://git.frostnerd.com/PublicAndroidApps/smokescreen
In the near future there will also be a "keweon Edition", which contains the keweon servers by default. But there will be an extra version of the new DNS Changer app for f-droid, because Googel doesn't tolerate real AdBlockers in the store.
This version is stable, but it is still a pre-release version and there will be more features to add.
The battery consumption is already much lower than with Intra e.g., just be surprised.
Ideas, complaints and any helpful comments can be shared with the hashtags #Bugreport #smokescreen in the BlackBox Security/Data Protection/Support DE group.
🔽🔽🔽Download DoH DNS Changer App 🔽🔽🔽
https://t.me/BlackBox_Security_Datenschutz_DE
#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock
📡 BlackBox Security/Datenschutz/Support DE
By courtesy of Daniel (Frostnerd) the current and brand new DOH Sever App. This version does not yet contain any functions (e.g. start at boot etc.), but is completely re-encoded.
As usual, this app does not contain advertising, tracking, home calls or whatever. We certainly wouldn't recommend it to you if that were the case. And of course, this App is opensource too.
https://git.frostnerd.com/PublicAndroidApps/smokescreen
In the near future there will also be a "keweon Edition", which contains the keweon servers by default. But there will be an extra version of the new DNS Changer app for f-droid, because Googel doesn't tolerate real AdBlockers in the store.
This version is stable, but it is still a pre-release version and there will be more features to add.
The battery consumption is already much lower than with Intra e.g., just be surprised.
Ideas, complaints and any helpful comments can be shared with the hashtags #Bugreport #smokescreen in the BlackBox Security/Data Protection/Support DE group.
🔽🔽🔽Download DoH DNS Changer App 🔽🔽🔽
https://t.me/BlackBox_Security_Datenschutz_DE
#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock
📡 BlackBox Security/Datenschutz/Support DE
DOH (DNS Over HTTPS) Server App
New SmokeScreen Version Alpha-1.0 (Build 8):
- The notification doesn't make sounds anymore
- The notification now shows how many entries are cached
- Added logging which collects some debug info for me (only locally on your device, you can send the logs to me by hand)
🔆 🔆
SmokeScreen DNS Changer APP Neue Version Alpha-1.0 (Build 8):
- Die Benachrichtigung erzeugt keine Geräusche mehr.
- Die Benachrichtigung zeigt nun an, wie viele Einträge zwischengespeichert werden.
- Protokollierung hinzugefügt, die einige Debug-Informationen für mich sammelt (nur lokal auf Ihrem Gerät, Sie können die Protokolle von Hand an mich senden).
#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock #Bugreport
Download🔽🔽🔽
📡 BlackBox▪️Security▪️Datenschutz▪️Support
New SmokeScreen Version Alpha-1.0 (Build 8):
- The notification doesn't make sounds anymore
- The notification now shows how many entries are cached
- Added logging which collects some debug info for me (only locally on your device, you can send the logs to me by hand)
🔆 🔆
SmokeScreen DNS Changer APP Neue Version Alpha-1.0 (Build 8):
- Die Benachrichtigung erzeugt keine Geräusche mehr.
- Die Benachrichtigung zeigt nun an, wie viele Einträge zwischengespeichert werden.
- Protokollierung hinzugefügt, die einige Debug-Informationen für mich sammelt (nur lokal auf Ihrem Gerät, Sie können die Protokolle von Hand an mich senden).
#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock #Bugreport
Download🔽🔽🔽
📡 BlackBox▪️Security▪️Datenschutz▪️Support
SmokeScreen DOH (DNS Over HTTPS) Server App
❓What does this app do?
This app establishes a local dummy VPN -- it doesn't connect to a VPN server and only handles your DNS packets -- to receive DNS requests your phone is sending and forwards them to a Dns-over-https server of your choice. It offers a lot of flexibility, is easy to use and doesn't use many resources. Type #doh, #dns or #alpha to get started.
❓ Who is behind it?
The app is being developed by me, Ch4t4r (or Daniel Wolf if you'd like). I'm 21 years old and a software engineer from Germany. I study computer sciences. You might have seen my DnsChanger application: https://play.google.com/store/apps/details?id=com.frostnerd.dnschanger
❓ How Do I get help?
You have multiple choices for receiving help. Either post here in our
I do answer technical questions as well.
❓ Is this App open source?
❓ Which server do you recommend?
I recommend the
#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock #Bugreport #Support
❓What does this app do?
This app establishes a local dummy VPN -- it doesn't connect to a VPN server and only handles your DNS packets -- to receive DNS requests your phone is sending and forwards them to a Dns-over-https server of your choice. It offers a lot of flexibility, is easy to use and doesn't use many resources. Type #doh, #dns or #alpha to get started.
❓ Who is behind it?
The app is being developed by me, Ch4t4r (or Daniel Wolf if you'd like). I'm 21 years old and a software engineer from Germany. I study computer sciences. You might have seen my DnsChanger application: https://play.google.com/store/apps/details?id=com.frostnerd.dnschanger
Source codes to my apps can be accessed here: git.frostnerd.com❓ How Do I get help?
You have multiple choices for receiving help. Either post here in our
TG support group https://t.me/joinchat/I54nRleveRG3xwAa3StNCg , send me a pm, or an E-Mail to support@frostnerd.com.I do answer technical questions as well.
❓ Is this App open source?
Yes. The source code can be found here: smokescreen.app/source❓ Which server do you recommend?
I recommend the
Keweon Dns-over-https server. This server blocks ads and tracking; keweon.comtelegram group english here: https://t.me/keweontelegram group german here: https://t.me/keweonDE#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock #Bugreport #Support
Evidence and proof of concept that keweon Online Security is not as secure as claimed by its developer.
After a group of independent IT and cyber security specialists proved that keweon is not as secure as claimed by the developer, they confronted the developer with the results and reminded him of a bet. All keweon support groups on TG then were deleted by the developer personally and without further explanation on the morning of February 4, 2019.
We all know by now that the way keweon DNS works is based on users using keweon's DNS and the keweon root certificate.
What has now been proven is exactly what keweon could do with its users, but Torsten vehemently denies and claims "that's impossible" and "that doesn't work":
1. get users to use your DNS server.
2. get users to use your root certificate.
3. redirecting a page, e.g. mybank.com, to one of the keweon servers (by changing the DNS record)
4. issue your own SSL certificate for the website, users have installed your Root-CA and so this is not a "witch work"
5. read username/password from the connection (if 2FA is used, just wait until the user logs in and use the token again quickly as it is valid for 30 seconds).
We now have proof that this is possible without a doubt. In fact, this is a classic MITM attack, and anyone who denies that it is possible either has no idea (you shouldn't assume this from Torsten) or is trying to hide something from his users.
The developer of keweon has repeatedly asserted and insisted that a root certificate cannot intercept connections or collect data.
Quote from the keweon developer with his PayPal bet:
"Prove that to me. Give me any DNS and a root certificate and try to get my PayPal data.
I'll then even contact you when I sign up for PayPal. If you manage to get my PayPal data this way, you can log in and transfer 500 Euro to your account. I have made this offer very often and this is a serious offer from my side."
Unfortunately the developer of keweon didn't contribute his part to the test as he promised so often and of course he didn't log into Paypal via our provided DNS and root certificate.
The only reaction on his part was, apart from some insults, the deletion of all keweon groups on TG.
The security test of the keweon servers also revealed that under certain conditions connections are even redirected to keweon's own termination server and answered with 1x1 pixel gifs.
The fact is that the requests contain tracking IDs that can be easily managed from these servers.
So even Torsten's statement that the keweon SSL server only terminates requests with empty (0 byte) responses is wrong.
This again contradicts Torsten's own statement.
The point now is that the developer of keweon Online Security is actively trying to deny that it is possible for him to abuse the root certificate, although it has now been proven that it is actually possible for him to do exactly that with the keweon root certificate and its users.
Until the developer decides to disprove the accusations made against keweon Online Security or can prove that the accusations against him are unfounded, it is advisable for obvious reasons of security not to use keweon Online Security for the time being.
Anyone who is interested in repeating this test can do so at:
http://keweonwette.info.tm, where you will find a DNS and a root certificate, same as with keweon Online Security.
Furthermore there is a real-time log about recorded connections.
Everything else can be found there.
Please be careful not to use your correct email address or password for this test!
#keweon #test #bet #evidence #ProofOfConcept
After a group of independent IT and cyber security specialists proved that keweon is not as secure as claimed by the developer, they confronted the developer with the results and reminded him of a bet. All keweon support groups on TG then were deleted by the developer personally and without further explanation on the morning of February 4, 2019.
We all know by now that the way keweon DNS works is based on users using keweon's DNS and the keweon root certificate.
What has now been proven is exactly what keweon could do with its users, but Torsten vehemently denies and claims "that's impossible" and "that doesn't work":
1. get users to use your DNS server.
2. get users to use your root certificate.
3. redirecting a page, e.g. mybank.com, to one of the keweon servers (by changing the DNS record)
4. issue your own SSL certificate for the website, users have installed your Root-CA and so this is not a "witch work"
5. read username/password from the connection (if 2FA is used, just wait until the user logs in and use the token again quickly as it is valid for 30 seconds).
We now have proof that this is possible without a doubt. In fact, this is a classic MITM attack, and anyone who denies that it is possible either has no idea (you shouldn't assume this from Torsten) or is trying to hide something from his users.
The developer of keweon has repeatedly asserted and insisted that a root certificate cannot intercept connections or collect data.
Quote from the keweon developer with his PayPal bet:
"Prove that to me. Give me any DNS and a root certificate and try to get my PayPal data.
I'll then even contact you when I sign up for PayPal. If you manage to get my PayPal data this way, you can log in and transfer 500 Euro to your account. I have made this offer very often and this is a serious offer from my side."
Unfortunately the developer of keweon didn't contribute his part to the test as he promised so often and of course he didn't log into Paypal via our provided DNS and root certificate.
The only reaction on his part was, apart from some insults, the deletion of all keweon groups on TG.
The security test of the keweon servers also revealed that under certain conditions connections are even redirected to keweon's own termination server and answered with 1x1 pixel gifs.
The fact is that the requests contain tracking IDs that can be easily managed from these servers.
So even Torsten's statement that the keweon SSL server only terminates requests with empty (0 byte) responses is wrong.
This again contradicts Torsten's own statement.
The point now is that the developer of keweon Online Security is actively trying to deny that it is possible for him to abuse the root certificate, although it has now been proven that it is actually possible for him to do exactly that with the keweon root certificate and its users.
Until the developer decides to disprove the accusations made against keweon Online Security or can prove that the accusations against him are unfounded, it is advisable for obvious reasons of security not to use keweon Online Security for the time being.
Anyone who is interested in repeating this test can do so at:
http://keweonwette.info.tm, where you will find a DNS and a root certificate, same as with keweon Online Security.
Furthermore there is a real-time log about recorded connections.
Everything else can be found there.
Please be careful not to use your correct email address or password for this test!
#keweon #test #bet #evidence #ProofOfConcept
🇬🇧 Keweon Root Certificate Checker
Here you can check if your system is compromised by the currently most prevalent perpetrator. This check may be eventually blocked by them, don't rely on it. There is more than one person or group trying to undermine basic security, this is by no means a novel idea.
🇩🇪 Keweon Root Zertifikat Test
Hier können Sie testen ob Sie von dem aktuell prävalenten Angreifer kompromittiert wurden. Dieser Test kann früher oder später von demselben geblockt werden, also verlassen Sie sich nicht darauf. Es versuchen mehr als eine Person oder Gruppe grundlegende Internetsicherheit zu unterwandern, dies ist bei Weitem keine neuartige Idee.
✅ Test/Check at:
http://https-interception.info.tm/test.html
✅ DNS + Root Certificate Hijack Proof And Demonstration:
http://https-interception.info.tm/
#keweon #test #evidence #ProofOfConcept #dns
Here you can check if your system is compromised by the currently most prevalent perpetrator. This check may be eventually blocked by them, don't rely on it. There is more than one person or group trying to undermine basic security, this is by no means a novel idea.
🇩🇪 Keweon Root Zertifikat Test
Hier können Sie testen ob Sie von dem aktuell prävalenten Angreifer kompromittiert wurden. Dieser Test kann früher oder später von demselben geblockt werden, also verlassen Sie sich nicht darauf. Es versuchen mehr als eine Person oder Gruppe grundlegende Internetsicherheit zu unterwandern, dies ist bei Weitem keine neuartige Idee.
✅ Test/Check at:
http://https-interception.info.tm/test.html
✅ DNS + Root Certificate Hijack Proof And Demonstration:
http://https-interception.info.tm/
#keweon #test #evidence #ProofOfConcept #dns