-
Notifications
You must be signed in to change notification settings - Fork 9
Android
##Threats With many diverse offerings of Android devices and many variations in the operating system the range of potential attacks against Android devices is quite broad. Often security patches are released but users do not install the updates. Cell phone providers and carriers are also in the habit of deploying custom branded versions of operating systems with their own vulnerable software preloaded, or failing to update custom branded versions with security new security patches. Users also need to protect themselves against a full range of threats that could compromise their personal data; from mass surveillance, rogue applications, and excessive data collection the list of threats is quite long.
##Best Practices
- Keep your phone up to date.
- Use a strong password or pattern.
- Enable full disk encryption.
- Ensure USB Debugging is off.
- Ensure developer mode is not enabled.
- Do not root your device.
- Where possible use a Nexus device as they are updated regularly.
- Back up your device locally regularly - See section on Backups.
- Ensure that GPS features are properly configured to not disclose your location.
##More Advanced Chances are the operating system that came with your phone is loaded with bloatware (useless marketing apps that perpetuate the cell carriers brand) and vulnerabilities from your cell phone service provider (citation needed). It is strongly recommended that you remove the default installed operating system and use a trusted OS that is regularly updated. Where possible use a Nexus device with its stock OS or use official builds of Cyanogen Mod (http://www.cyanogenmod.org/). Replacing your device OS can be an involved process and could damage your phone or void your warranty, so tread carefully.
##Additional Resources
- http://www.cyanogenmod.org/
- https://bluebox.com/android-user-security-guide/
- Mobile Security in 2 minutes - https://www.youtube.com/watch?v=7cTPTQVUDs4?rel=0