On basic Android Security and Anonymity Part 1-The Settings
Hello everyone! It has been a while since I wrote anything in here. The last few months have been…hectic to say the least and I had to prioritize some stuff. Let me start this year with a banger of an article shall we?
You may have been thinking that your phone’s security and degree of anonymity is severely lacking with recent events, and been thinking “I should do something about this”. You have then began scouring youtube, google and the like to try and find how to do it, and then you have found yourself facing videos and articles telling you to “DeGoogle” your phone, flash your OS for GrapheneOS/LineageOS or some other nonsense that seems overtly complex and got immediately discouraged.
I will not lie to you my friend, but these are indeed the best way to secure and anonymize your phone. However, these are not the only avenues at your disposal. Maybe you need to be eased into cybersecurity mindset and in the anonymization process. Maybe for your own threat Model(See my previous article on that subject), you don’t need to go that far. This article is going to be for you. We are going to go over a few steps and a handful of apps that will help ease you into that mindset first, familiarise yourself with certain principles while remaining easy to use. This is going to be a series of articles as I do not want you to feel intimidated by too much information at once. So let’s begin with the beginning.
The Pull Down Menu
Let us begin by the easiest part, the pull down menu. First thing you want to do with this is turning off your wifi. I know, crazy right? Except that wifis open up a type of hacking attacks called “man in the middle”. I will not bore you with unecessary details, but the short story is that hackers can fake being a wifi so that your phone “recognizes it” as a public wifi it has already been connected to like McDonald’s wifi. You do not want that to happen. So learn to keep this shut off except when at home. If you want to go a step further, never turn it on, and only connect directly to a rooter via an ethernet cable and a USB-C to Ethernet adapter (fairly cheap and cancels vast majority of the vulnerability of wifis).
You also want to kill your data connection unless currently in use. Turn it on only when necessary. This ensures not only the isolation of your device from the net (to a degree) but it also serves to reduce unnecessary exposure. Less broadcasting=more anonymity. You should turn on Airplane Mode whenever you are not actively using your phone, killing even further broadcast.
Shut down Bluetooth. Bluetooth is the devil and one of the biggest vulnerabilities in any device nowadays. It is a main vector of attacks nowadays. Turn off NFC too. You should never use it as it is only to use your google wallet or whatever app you use to store your credit card/debit card and pay with your phone. You do not want to do that. This is putting all your assets in a single device. Imagine someone steals your phone. They have not only full access to your social medias, emails, work account, phone contacts, but now they also have access to your bank accounts. Don’t put all your eggs in the same basket. More on that in Part 3.
Finally, turn off your location tracker and the Nearby Share. While convenient to use Google Map, and other apps like UberEat, this is again telling these corporations “Hey, I am here, this is my location”. One can derive a lot of information from that single, dynamic data point. Turn it off.
The Dreaded Settings
I find that many people are terrified of this section of their phones. Yet therein lies some of the most egregious offenders to your anonymity and security and we want to turn these off as soon as possible. Do not worry, once again I am here to guide you through these.
Notifications&Apps
Ok, so what you want to do is go in the Special app access section, go to Unrestricted data and turn everything off that is not strictly necessary. This means everything that is not your carrier services just fyi. If you do not have that section, or even if you do, you may want to go in the App info section and go over every single app one by one, turn on the “remove permission if app isn’t used” and remove all permissions you feel is unecessary. This may be a tad time consuming and may take you a few minutes, but turst me, this is for the best. Then, disable all the apps that you cannot remove and do not want to use (repeat offenders here are Google Assistant for example. Can’t uninstall it, but you can disable it). This part is not very complex, it just takes a while. It will also let you know which apps had access to which parts of your phone so far.
Biometrics & Password
Kill all biometrics. Just do so. Its nowhere near as secure as the various companies say it is (yes, it is 100% possible to hack those) but by enabling them, you are giving Google AND your phone manufacturer full access to your biometrics.
Yeah. Now that you’ve just realized what this means and how many thousands of people, many of which you are not sure to trust with that information, have had access to it, it is horribly bad. Turn all biometrics off. Face Unlock, fingerprint reader, all of it. Kill it with fire.
For your screen lock, choose a password instead of a pin, and choose one long enough to make it difficult to guess via bruteforcing. I’ll write an article soon on how to make a good password so stay tuned for that one.
Privacy
Okay, so see that subsection with “autofill:? Yeah, kill it with fire too. Turn it off, predictive algorithms are bad enough as it is, no need to feed them how fast and how your write. In your “Activity Controls” section, it will tell you all the things that Google is monitoring “for you” on your account. Turn everything off.Google hoard that data on you but won’t tell you why. I don’t trust a company that has no transparency and neither should you. In the Ads section delete your Ad ID. Finally, turn off the Usage&Diagnostics section. If you must send a diagnostic of your device to Google, do it manually. This when turned on just gather everything you do on your phone and sends it to Google as it also includes the very innocuous but important word “usage”.
Security
Turn your “Find my device” off. That’s another potential vector of attack and another way to learn your location. In “App lock” turn it on, choose all the apps and then create a password to have access to it. Then, in the advanced section, in Encryption & Credentials, go and encrypt your device. This means that even if your device gets stolen, getting access to it will be much, much, much harder.
System
Finally, you will see here a section called “Multiple Users”. This lets you create multiple profiles on your phone, each protected with a password and with different informations, and different accesses. Use that to your advantage. Create a work profile. A “nights out” profile. Log on these profiles when outside of home so to not jeopardize your private information’s security. These are ridiculously simple to create and you can even delete them after usage.
With this we have concluded the SETTINGS section for now. We will come back here in a futur article after installing some apps in part 2 but for now, this is already a massive step in the right direction.
And here we have it. We already combed through a lot of our vulnerabilities and this is a great step forward in our understanding and proactive choices toward anonymity and security. Now, I do not want to be a downer here, but this is far from enough to get Google and the various internet giants off your back. They do not respect the “do not use my location” and many, many other elements of the phone you think you killed by going through this. For example, apps are still collecting usage data and giving them to Google as part of their arrangements to be on the Play Store. There are thousands upon thousands more vulnerabilities like this that are still opened on your one device.
And before you get discouraged by that notion, this wasn’t all in vain. In am certain many of you realized just how many vectors of potential attacks were on your phone and sensitizing you to these was the actual first step in this guide.You cannot fight something you are not aware exists in the first place after all. Now you know. Now, you can get back control of your phone and online identity.
This may be a small step in facts, but entire empires and religions began with a single step forward my friend. We will get there together. Just remember the small notions I have imparted on you for now and try to apply them for now until Part 2 releases.
Until then, I bid you a great week my friends, and always remember
We will be watching
_The G.H05t
Filed under: Uncategorized - @ April 17, 2024 5:19 am
