Current desktop solutions for the interception of data forming network traffic include the use of layered service provider (LSP) and windows filtering protocol (WFP) and device drivers on desktop computers running Windows operating systems, device drivers on computers running MAC OS and iptables and device drivers on computers running Linux OS. Each of these approaches allows for the interception and modification of inbound and outbound Internet traffic and processing of the TCP/IP traffic taking place between the Internet and the applications on the machine that are accessing the Internet. These approaches have allowed for filtering of the data stream for parental control, virus scanning, spam filtering, and firewall protection. However, the ability to perform similar interception and processing on a mobile device, such as a smart phone, has been quite limited due to the nature of mobile devices and the carrier networks on which they operate.
On a typical mobile device, such as an iPhone™, Blackberry™, or a smart phone operating the Symbian™ or WindowsMobile™ 5×, 6× allowed device drivers, there is no technology present that allows for the interception of network traffic. Since the primary purpose of the device is to operate as a phone, the phone manufacturers and cellular carriers limit the ability of application developers to create applications that operate in the “user space” of the device within the operating system rather than in the “kernel space” or “machine space” that is typically required for traffic interception, as any potential conflicts at such a low level would lead to the device becoming completely inoperable, rather than just an inability to run a single application while still functioning for other purposes.
Similarly, although certain versions of the Android™ operating system include iptables, not all carriers have enabled iptables, and for those that have enabled this feature, access to iptables is locked down and requires administrator access and is thus unavailable for application designers for similar reasons. Additionally, iptables places all of the intelligence and processing in the kernel modules and only redirects certain data flows into the user space.
Thus, it is not currently possible to perform network level filtering on a mobile device. Current attempts to filter network access on such devices are limited, as for example to direct filtering of loaded material in a web browser.
A technology or method that enables the interception and modification of inbound and outbound network traffic and processing of the traffic taking place between the network and applications on a mobile device that minimizes the risk of conflict in the kernel space would be an improvement in the art. Such an improvement that directed all data flows on the device into the user space for analysis and processing regardless of protocol would be a further improvement in the art.