The Privacy Enthusiast's Guide to Using Android

[Batu69]

With everyone from local scammers to government agencies trying to get hands on your data, there’s never been a better time to beef up your privacy game. Fortunately, there are a ton of options out there to keep your messages, files, and phone safe on Android.

 

Before we begin, we should point this out: using a smartphone is always going to be a risk. Especially one running services from Google. You can use these tips and apps to protect some of your communication, but you’re never going to be totally off the grid as long as you’re using an Android phone. That doesn’t mean you have to make it easy on an attacker, though.

Change These System Settings to Protect Your Privacy

When you first get your phone, it’s a good time to start protecting yourself. During the setup, make sure you disable any options asking to track your data. After that (or if you’ve already set up your phone), there are a number of precautions you can and should take. We recommend everything on the following list, but they all come with some convenience sacrifice, so decide for yourself which ones you need:

 

• Set a strong alphanumeric password. Android gives you the option to use a pattern or PIN to lock your phone, but to be safe, you should use a strong alphanumeric password. Open the Settings app and head to Security > Screen Lock. Set a password that includes numbers and letters.

 

• Don’t use your fingerprint to sign in. Fingerprint sensors are convenient, but the law around them is complicated. While it’s still being hashed out in the courts, currently police can compel you to use your fingerprint to unlock your phone. It’s better to just not use it at all. On Nexus and Pixel devices, head to Settings > Security > Pixel Imprint and delete any fingerprints you’ve saved.

 

• Encrypt your phone (if it isn’t already). Some manufacturers don’t encrypt your phone by default. If you have to enter a PIN before the phone boots up, it’s probably encrypted already. Just to be sure, head to Settings > Security. Under Encryption, you should see “Encrypt phone.” If it says “Encrypted” below that, you’re good. Otherwise, tap it and follow the instructions to encrypt your phone. This may take a while and it may slow down some older phones, but it’s worth it to protect your data.

 

• Hide notification information from the lock screen. Android will show notifications even when your phone is locked, but you can hide sensitive information if you don’t want prying eyes to see. Head to Settings > Notifications then tap the gear icon at the top. Finally, tap “On the lock screen.” You can either choose “Hide sensitive notification content” to conceal things like messages and email contents, or “Don’t show notifications at all” to ensure no one sees anything.

 

• Disable Google’s tracking activity. Google is the biggest glutton for data around, so disabling their tracking is almost a Sisyphean task, but you can at least turn off as much as you can. Head to this link, click the menu button at the top, and choose “Activity Controls.” Here, you can disable location tracking, search tracking, voice tracking, and even your YouTube history. Note, Google may still keep some anonymized info about you, but this can minimize how much they have.

 

• Turn off Google backup. Google backs up a ton of information about your device, including call history, apps, and even what Wi-Fi network you’re connected to. If you’d rather Google not have that info, head to Settings > Backup & reset > Backup. You can either disable backups entirely (and make your own) or selectively disable the data you don’t want to store.

 

• Turn off any unnecessary app permissions. As of Android 6.0 (Marshmallow), Google finally lets you pick which permissions to give to apps. For starters, that means you should probably get an Android phone running Marshmallow if you’re concerned for your privacy. Then, head to Settings > Apps and tap the gear icon at the top. Then tap “App permissions.” Here you’ll be able to see permissions for things like Calendar, Contacts, Location, and Microphone. Tap each one and disable any apps you don’t trust. Keep in mind, this may break some apps if you’re not sure why they need that permission. If you’re really not sure you can trust an app, you might be better off uninstalling it.

 

• Turn on two-factor authentication. Your account is only as safe as your password (which isn’t very safe) unless you enable two-factor authentication. You can turn it on for your Google account here, and then for any of your other accounts on this list. It’s also a good idea to use an app like Authy to manage your authentication tokens, since it lets you lock the app with a PIN. This protects your tokens in the event someone steals and unlocks your phone.

 

• Enable Android Device Manager. ADM can find your phone remotely, so it might be a bit of a toss up from a privacy standpoint. On the one hand, it means Google will have information about where you are. However, you can also use it to locate or wipe your phone remotely. If you want that nuclear option in case you lose your device, this might be a good tool to have.

That should handle a lot of the data and vulnerabilities that come with having an Android phone (though you should still assume there’s some kind of data being tracked from your account). However, that’s only part of the equation. Next, you’ll need to take a look at the apps you use every day.

The Productivity Apps That Protect Your Privacy

Most productivity apps are designed to help you get stuff done as conveniently as possible. Protecting your privacy, however, is rarely the most convenient. Consequently, you might need to use apps that are designed to protect as much data as possible, even if they have to forego useful features like cloud syncing or complex computer analysis. Some, like a VPN, you might not need all the time, but you should almost always be using apps like a password manager.

 

Also keep in mind that if you received your phone from your company through the Android at Work program, your data will still be visible to them even if you use these apps. If you want to keep your information as private as possible, use your own phone and keep it as locked down as possible.

Web Browser: Brave

 

While lots of browsers claim to protect your privacy, we’ve found that Brave stood out as one of the best. It uses HTTPS Everywhere to keep your traffic encrypted and it blocks scripts, cookies, phishing, pop-ups, and ads. If you find that a site doesn’t work with Brave, you can selectively re-enable each of those features to figure out what’s breaking the site and even whitelist it if you decide it’s worth it to you.

 

On the desktop, Brave has a weird system that lets users choose to pay publishers instead of seeing ads. However, this doesn’t appear to exist in the mobile version, so you can safely ignore it. It’s not perfect, but it gives you a lot more flexibility to block third-party data tracking than Chrome does.

Email: ProtonMail or Gmail

 

For the most thorough email privacy, ProtonMail is the way to go. It encrypts all of your messages by default. You can send email to other ProtonMail users and they’ll be able to read it like normal. If you send it to anyone else, they’ll be given a link where they’ll need to enter a password in order to read your message. This is a very inconvenient way to send email, but if you need to guarantee that no one but the recipient reads your email, this is the way to go.

 

If you’re slightly less paranoid, Gmail is still an excellent way to keep your email private from everyone except, well, Google. Every email is sent over SSL and Google encrypts each message from sender to receiver. Unfortunately, Google itself is still able to see and scan your emails, and it may even have to turn some data over to the government if they receive a legal request. However, Gmail will at least protect your messages from some random snooper or someone who finds your phone (as long as you have a strong password and two-factor authentication, like we mentioned earlier).

 

In general, email is pretty hard to secure since it always relies on a third-party server to send messages. If you’ve got a good reason to wear your tinfoil hat, you can always try rolling your own email server, but keep in mind it’s really hard.

Messaging: Signal or WhatsApp

 

If you really need to communicate with someone securely, Signal and WhatsApp are going to be much better for your privacy than email. Both of these apps feature end-to-end encryption, they don’t store your messages after they’ve been delivered, and they can both do voice calls on top of text messages.

 

Inconveniently, both parties will need to have the app installed to use it, but it’s fairly easy to set up an account.

 

For those who want the absolute most privacy possible, however, Signal offers a slight edge. It doesn’t store metadata about who you’re talking to, but WhatsApp does. Neither app knows what you’re talking about, but WhatsApp knows who you’re talking with and when.

 

If WhatsApp receives a legal warrant, it can hand over that data. WhatsApp can also backup your messages to Google Drive, though they’re encrypted so that shouldn’t be that big of a deal. Even if law enforcement requested it from Google, they wouldn’t be able to read it. Still, it’s important to know that the backup is there.

Password Manager: LastPass or 1Password

 

The best way to protect a strong password is to not know what it is. Password managers can generate long, complicated passwords for you and automatically enter them into the sites you visit. Our favorite password managers are LastPass and 1Password.

 

LastPass is free and lets you sync your password vault across platforms, but the downside is that it uses its own servers to do it. While your data is encrypted while it’s on LastPass’s servers, it’s still possible for it to get hacked if someone targets the company, which happened once. Their encryption was strong enough to prevent the attackers from gaining access to users’ stored passwords which is encouraging, but if you need to be super careful, you might not want to risk it.

 

1Password, on the other hand, offers two kinds of syncing. You can pay $3/month to sync your account through 1Passwords servers, or you can just use your own Dropbox account. You can also skip syncing altogether and store all your passwords in a local vault and manually copy them from one device to another when you need to. This makes sure that no one can get access to your vault, even if they attack a third-party.

VPN: Hideman, Tunnelbear, or NordVPN

 

Using a VPN is the most basic way to secure all of your web traffic. Once you connect to a VPN, your traffic is encrypted so no one snooping can see what you’re looking at. This is particularly useful when you’re on public networks where you might not control your internet connection.

 

On this front, we like Hideman, NordVPN, and TunnelBear. Each service requires a monthly fee, but you get a small allotment of data for free each month. You won’t want to watch hours of Netflix with it, but it can help cover your traffic when you’re at the airport or hotel.

Notes: Notes Lock

 

Google Keep was a surprise hit for note takers, but you can’t lock your notes down and they’re all stored on Google’s servers to boot. Notes Lock on the other hand keeps all your notes on your device and secures them behind a pass code, PIN, or pattern lock (though for the best security, you should probably use the pass code). You can use Notes Lock to write down notes or create to-do lists in a variety of colors and fonts. Even as a generic notes app it’s pretty robust, which makes the security features the icing on the cake.

 

If you want to sync your notes, you can choose to save your notes vault to Dropbox to share it between devices. Like with 1Password, this gives you more control over how your data is stored, rather than passing it off to a company like Google. Of course, this means someone could find your notes vault in Dropbox, but it will still be encrypted so they shouldn’t be able to read it anyway.

Cloud Storage: SpiderOak

 

Dropbox is pretty good at protecting your data, but if you need to go one step further, SpiderOak is the best way to store data in the cloud and keep it secure. The company employs a “zero knowledge” policy, using local encryption so it can’t read what’s in your files before you even upload them. SpiderOak doesn’t offer any free storage, but it offers 100GB/month for $5 which is competitive with services like Dropbox and Google Drive.

---

This should be a good start to protecting your typical Android usage from prying eyes. Nothing in here (or anywhere, really) is 100% bulletproof, but you’ll be one step ahead of the pack, which is often enough to get your everyday attacker off your back.

 

Article source

[Togijak]

not that bad but I miss hints to XPrivacy and AFWall+  and as long security agencies don't care about the law no smartphone can be secure / private

[NaJeEb303]

7 hours ago, Togijak said:

not that bad but I miss hints to XPrivacy and AFWall+  and as long security agencies don't care about the law no smartphone can be secure / private

your suggestions are good but they require root and custom recovery also (in case of Xposed) which a large number of people dont even know about , also some people dont want to root their phone or some phones are simply unrootable -> a perfect example Here , which you might remember  

[Togijak]

The question is about witch kind off privacy we are talking, government spying or company using our date? The only protection against a government is to throw your smartphone etc. far away (ore give them wrong information )

[Sylence]

10 hours ago, NaJeEb303 said:

your suggestions are good but they require root and custom recovery also (in case of Xposed) which a large number of people dont even know about , also some people dont want to root their phone or some phones are simply unrootable -> a perfect example Here , which you might remember  

 

Un rootable phones have more security because exploits don't work on them

[steven36]

On undefined at 7:45 AM, Togijak said:

security agencies don't care about the law no smartphone can be secure / private

In the USA there's no such thing on a phone or pc  if you are wanted for something there is no laws on encryption yet .. There is this one guy who's been in jail  along time no trial or anything for not unlocking his encrypted computer  so if you dont want to go  too jail  dont put nothing on them that needs  encrypted that will get you in trouble. Encryption may can keep the government out but it still want stop them from putting you in jail tell you unlock it  ..So really its only good too keep only non law enforcement out . What are you doing that's worth going to jail over on the internet? Tell laws are made on it you could be jailed tell they determine if there is a plenty  or is it ones right too keep the government out.

 

Phones never have been secure no way back when cells 1st came out you could hear them on a normal  police scanner  and they still have stuff were they can listen in .They been taping  them since the 1890s and its legal as long as they get a court order.. And if you lock a phone in the USA with a fingerprint most likely a judge  will force you too unlock it.

 

The default Encryption they put in phones  hackers can unlock anyway  and if you use something they cant unlock they will put you in jail tell you do . Tell you realize the internet is not private there is no way you will ever understand how to protect yourself . A good start is too never use you're real info on the internet and always use fake names and never use the same nick name on 2 sites  and never post anything that will tell them who you are.  But phones lol  have a built in tracking device so it's not even logical to think you have any privacy  unless you use a burner phone offline.

 

[Togijak]

on my smartphone and my notebooks i have this sticker

 

and if someone like it he can order it here https://shop.piratenpartei.de/accessoires/aufkleber-page-3.html

And no, I don't think it is only the NSA, I know that german secret services are also using NSA tools and other country's are not indeed better.

[Togijak]

For the users who can read German

 

 

22 pages out of CT 4 / 2017

 

Site: http://ge.tt
Sharecode[?]: /4v9odsi2