> We desperately need OS level user configurable firewalls
(I co-develop a FOSS network monitor for Android)
Yes, but: "OS level" firewalls are as weak as the OS itself (as in, if an app gets root, all the sandboxing and firewalling is pretty much done for). One probably must use an external firewall for better protection, but the problem is of course, one can't expect to carry it around everywhere. While for smartphones, the external firewall (fronting an AP / Wifi) is bypassed when using mobile data.
For unprivileged installed apps (as opposed to OEM apps), perhaps a un-rootable OS-level firewall works.
(I co-develop a FOSS network monitor for Android)
Yes, but: "OS level" firewalls are as weak as the OS itself (as in, if an app gets root, all the sandboxing and firewalling is pretty much done for). One probably must use an external firewall for better protection, but the problem is of course, one can't expect to carry it around everywhere. While for smartphones, the external firewall (fronting an AP / Wifi) is bypassed when using mobile data.
For unprivileged installed apps (as opposed to OEM apps), perhaps a un-rootable OS-level firewall works.