A firewall blocks any app connecting to the Internet over Wifi or Mobile data. Since most forms of surveillance require the data to be sent over the network to a server, firewalling them effectively mitigates that threat (File Managers, Alarm Clock, Calculator are few such examples of apps that do not require any Internet access to function).

Smartphone's entire network traffic is tunneled through our app (by the means of a Virtual Private Network). All outgoing connections from blacklisted apps are blocked right in its tracks.

Messaging apps, for instance, can't be firewalled altogether, but can be, instead, blocked from accessing certain server endpoints of known ad-networks and trackers. This is how popular browser based content blockers like uBlock Origin work (in addition to doing a host of other things).

Specifically, we achieve this by firewalling traffic at the DNS layer: By sending empty responses when asked to resolve blacklisted domain names. For example, domain name of a known tracker, say follows.you.everywhere.com, is never resolved by bravedns; resulting in effectively letting other traffic from the apps through, but to this particular domain.

DNS based content-blocking isn't as full-proof as traditional Firewalls. It is rather trivial for apps to by-pass it, though in practice, not many, if any, apps do so. Our test runs show upto 60% of the connections are made to trackers and ad-networks, but this is entirely a function of the phone manufacturer and the apps installed.

The app encrypts your requests sent to Domain Name System (DNS) server run by bravedns with presence in our 200+ locations world-wide. DNS servers are the address book of the internet: A DNS server provides the exact addresses you need to visit a website or open an app.

However, it is common to alter responses sent by DNS servers to block access or redirect to fake websites. By encrypting the connection to DNS servers on your Android device, bravedns helps ensure that the results can’t be manipulated, so you can safely access the internet.

If enabled, the connectivity (DNS) logs are collected and analysed. Automated reports flag previously unknown or suspicious connections, and reveal the extent of attempt to steal data by spyware networks. In our tests, around 60% of the traffic is flagged and reported as being initiated by known spyware. Logs generated are made available in near-real time to the user for their own analysis.

The bravedns app keeps track of connections an app makes from the Android device and tracks its data usage. This reveals the apps that over-zealously keep connecting to various endpoints on the Internet.