On Basic Android Security and Anonymity Part 3-Good Habit

Welcome back! Have you had fun with the apps we have installed last time? I am sure there is still some things that will require adjustment, and that is fine. Which is why this time, we will be going over developing some good behavior and habits with our android phones. But before I go on, I want to address a question that has been floating around since I began this series of articles: the Apple question.

What about IOS?

If security is so important, why not use an Iphone then? after all, IOS is praised by Apple for being the most secure mobile OS on the market right? And if it is just that, well you can just pay to get the newest Iphone and don’t be a cheapstake right? Yeah, of course Apple is going to define their own product as a good product. Remember how when Apple revealed their Face ID in november of 2017 and it took a cybersecurity firm a week to break through it by brute forcing it with a fake head and prints of face? Yeah I am sure that one flew under the radar for many. Wanna know something funny? They weren’t even the fastest, just the more public to claim it.

Now, for sure, at the time of writing this, that was seven years ago. But frankly, IOS security has become even worse since then. I could bore you with the details, but that is outside the scope of this article. My main problem with IOS isn’t even the security part thought. It’s about the anonymity. See, IOS is proprietary, meaning we don’t get to see how it is built, what it does in the background and as Apple has been implementing more and more data gathering elements to the usage of the device. Face ID being one of the most egregious ones, you should never, ever, ever, trust a corporation with your biometrics. E.V.E.R. So what we are doing with an IOS device is trusting a company that is not transparent about the data it gathers on its users, forces you to subscribe to it’s Apple ID requiring some personal information it collects and stores for “security”reasons on their servers and are asked to just “trust them bro”. Yeah, no. Not happening, and if you have any amount of self respect, neither should you.

So, now that I have finally addressed IOS, and why there is no reason whatsoever to use one if we want to be secured, anonymous and in control of our devices, I can begin discussing the actual subject, namely some good habits and behavior.

Browser Compartmentalization

The first thing we want to do is compartmentalize our browsing habits. Why and how do we want to do this? See, when you use a browser, it is going to gather certain data in a mostly unavoidable manner, if only to make the websites you want to access work as they will ask for some identifiers (I will not enter the technical details here as they can be somewhat exhaustive). And browsers, like so many other apps, are vulnerable for hackers to get access to those data, or if they are malicious, they can decide to sell those data points. So how do we deal with this?

The answer, as you probably figured from this section’s title, is going to be compartmentalization. We achieve this by using several different browsers for our internet experience. This works because two browsers do not share information between each other. Now, which browsers are best for this and why would be an entire article in and of itself, so I am going to give some pointers about how to divide our compartmentalization and what kind of browser we can use for our purposes.

Our first compartment is going to be our critical, directly anonymity breaking compartment. This one is going to contain our sensitive data, any website we must login using real life credentials or which contains information that can be directly used to identify us. Websites like bank accounts, amazon and co. This includes any website where we dial in our credit/debit card (which we should be avoiding using online anyway if at all possible). We want the browser in question to be either the most secure we can find, or one that is open source. This leaves very few browser possibilities. And, for once, I am not going to recommend Tor for it, as logins defeats the entire point of Tor anyway.

Our second Compartment is going to be our “sensitive browsing”. This is the browser we will be using to browse or access websites we do not want anyone else to know we are accessing. Now, many might say “Only nefarious people with criminal intentions would be that paranoid”. If you think that, you clearly haven’t read my previous articles, or you are on the wrong section of the internet, go back to Facebook and in the comfort of your convenience. For the rest, no, not necessarily, many of you surf porn for example, and I am sure you have kinks that you wouldn’t want your friends to know about, like armpits or feet and, as grossed out as I am about the notion myself, I am still willing to help you protect that weird fixation. And that is a very low hanging fruit type of example here, you might for example not want the government to know you are reading political news from outside your country (I am thinking for example here of Chinese dissidents or someone reading arguments against Islam in middle-eastern countries). The point is, there might be an infinite amount of subjects you absolutely do not want the world to know you are looking it, and it can be as mundane as cat pictures. For this compartment, we are using Tor, and nothing short of Tor will do. Download the Orbot and the Tor browser and go to town. I have an entire article on Tor coming up so stay tuned for that.

Our third Compartment is going to be our research/professional browsing. The reason why we are making this a compartment is because, like in real life, one does not mix professional life and personal life. This is both for anonymity reasons (you do not want your browser to have too much information on who you are and what you do in life), security reasons (if you must login on a company website for example) and things like that. It also helps with focusing I find. In this case, ask your boss which browser they want you to use, and, if they do not care, use whichever you feel is appropriate depending on the level of security required for your specific field of employment.

Our fourth category is going to be our general browsing.This is going to be our manga reading, watching videos etc. I still do not recommend browsers like Chrome here for what should be at this point self-evident reasons, but a browser like Firefox or Chromium should be fine. This is also the one you use to login into website that don’t ask for irl identifiers like merely an email/password for example.

Our final category is Social Medias, where you can use whatever browser as it doesn’t matter anyway since these are your “public” profiles. I put those in a distinct category as for one, these will be public anyway and seeing as how those usually have apps to access them anyway, which you should avoid as those have access to more internal data on your phone than regular browser and you absolutely do not want that, but I also understand not everyone gets as autistic as I am on these things and your threat model might be less critical than mine. The other reason is because by practicing using those on a specific browser, you will begin noticing how adds target you, and it will help you figure out which compartment is being compromised one way or another. Also, forcing yourself out of the convenience of using apps is a bonus in my eyes.

Those are our five basic browser compartments. We may chose to further subdivide certain categories at our discretion but that is the model I personally use. By keeping most of your online usage divided across browsers and avoiding using apps as much as possible, it also lets you control your online anonymity and security by going in the browser settings and putting for example, security at maximum, automatically refuse non https connections, disabling any javascript, motion sensors(don’t believe me, go check in your setting’s privacy and security settings) and the like. Again, YOU are in control, not them. That’s the entire point.

Multiple Users Security Exploit

The principle that I have come to call MUSE is the idea of compartmentalizing your very phone usage. Remember how we discussed how to create multiple users in our settings? Now is the time we delve a tad deeper into that particularity. See, so far we have discussed ways to stay anonymous against our phone itself and the various corporations and other nefarious entities using our own device against us. But what if for some reason or another said nefarious entities get access to our phone physically? What then? This is where MUSE comes in. We want to Compartmentalize our very device between several users. Here is how we will divide their usage:

Our “admin” or main User will be logged in only at home. We are never to log back into it outside of home for any reason whatsoever, because this owner account will have unlimited access to this phone. Simple so far? Good. Moving right along. Do not forget to give this one a strong password

We are going to create a user for when we are at work. We are thus only will be using work related apps and usage. We may download professional related applications here for example, and a second series of browsers to further compartmentalize our browsing.Choose either a PIN or a password as appropriate to your workplace’s security necessities.

Our third user will be our “transit” user. We want to have as little available on this. Music, a few ebooks and browsers. Nothing directly identifiable should be in this user. Give it also a strong password. We will be using this one either when driving around or when transiting from one place to another. That way, if we get pickpocketed or mauled or stolen while say at a fast food joint or in the bus.

We can then create our “secondary” users, which will be dedicated to places we go often enough like a friend’s house our your love partner’s place or a specific camping spot. You can then tailor your profile to that specific place while keeping in mind the previously discussed principles of security and anonymity.

Finally, we have our third category of users, which are “Temporary” users. We use those for special events we go where we will need specific apps/information like at a party, a protest etc. Now, for those, I personally recommend using a burner phone entirely and leaving your actual phone at home. But life being how it is, this is the best next action.

My last point about MUSE is that, in certain countries like Canada, you are legally obligated to unlock your phone when a police officer requires you to. If you believe cops never abuse their powers, I have an Iphone to sell you. This gives you probable deniability “I dont know about other users”, or “this is a lent phone” suddenly can throw their case, be the case valid or not, against you in the dirt water. Now this isn’t be condoning criminal action. It’s me helping you to defend yourself against a tyrannical regime. Remember the basic principle of laws outlined by Cesare Beccaria in his book “On Crimes and Punishments”, Magistrates will abuse their powers, any law system that isn’t strictly necessary for the social compact is tyrannical and any system will inevitably turn from a necessity to necessarily create problems to justify itself. Ye have been warned.

SIM

Believe me or not, but I am going to autistically recommend you to not keep your SIM in your phone at all time. Remove it when at home or when in transit. Put it back in only when strictly necessary. The reason for this is because with no SIM in, you can’t be tracked due to phone signal, and no SIM means tapping your phone becomes considerably more complex. This also removes yet another mode of attack against yourself, and will keep your annoying boss to join you outside your work hours. If they positively need you to answer the phone outside of work, tell them to provide you with a company phone. Simple as.

Conclusion-Use Judgment

My final point about good habits is that you develop those over time. Trust your instincts and if something feels too convenient or easy, its probably a trap. Use your judgment to make calls and further your compartmentalization of your phone with time based on your personal threat model. Add a little bit at a time and you will see a world of difference very rapidly. All of these tricks in these last three articles have been slowly pushing you to the absolute limit of security and anonymity one can get without being necessarily particularly tech savvy. If you followed all the advice I have presented so far, you will probably have already noticed the difference in the types of adds you receive, but also in your personal life, data usage and many other online factors. This is you having walked a fairly long road. I am proud of you my friend. Our fourth and final part will be the final jump into completely taking back your phone into your hands, where we will touch on rooting your phone, flashing a new OS, and advanced tradecraft techniques I have kept up my sleeve up until now. Many of you will probably stop at this article and that is fine too, just know that the next step is much, much shorter than you probably believe it to be.

Until next time, thank you for reading me, and remember

We will be watching

The G.H05t

Filed under: Uncategorized - @ July 10, 2024 5:07 am

 
Clicky