11 current Android | foAudits Security recommendations

by bills 27. October 2018 16:58


1. Update your OS within the major release, when notifications
    advise you to do so, or periodically regardless.

    notes:

    sync foAudits and confirm your data is on the server first.

    If Android wants to update to a higher major
    version number, such as 7 to 8, have your foAudits admin
    contact us first.

2. Frequently backup your device to a desktop,
    and backup those backups as well.

    Use a dated-file approach
    eg: "2018-06-11_[username]_Nexus6-backup"
    and rotate those backups onto different, disconnected, devices.

    Keep at least one relatively-current storage device off-site.

    It is common to keep the last weekly and last monthly backups off-site.

3. Install Malware Bytes (and set it to run multiple times per day).

    https://play.google.com/store/apps/details?id=org.malwarebytes.antimalware

4. install ccCleaner (and run periodically).

    https://play.google.com/store/apps/details?id=com.piriform.ccleaner


5. Use Firefox as your browser and update it regularly.

    https://play.google.com/store/apps/details?id=org.mozilla.firefox

6. Install the following extensions within Firefox.
 * NoScript Suite
 * Better Privacy
 * Ublock Origin

about:config

browser.pocket.enabled - false

loop.enabled - false


7. Install Blokada, to understand (and choose)
    exactly what processes are harvesting your data.

    https://f-droid.org/en/packages/org.blokada.alarm/

8. Never use free, centralized, email providers, such as
    gmail, hotmail, aol, juno, yahoo, yandex, hushmail
    as these are frequently hacked and/or state in their own

    terms-and-conditions that they mine your email data, your
    attachments, and even the data from those that you
    communicate with.
   
    Even if they are not using the same service
.


    Suggested email:

    K-9 Mail
    https://f-droid.org/packages/com.fsck.k9/


    Others:

    http://prxbx.com/email/


Google Settings


9. Disable the ADB interface and close this port.

    Settings->Developer Options->USB Debugging

    reason:
    Closes port 5555 to hacking attacks and defeats
    a specific password pattern unlock attack.


10. Turn off automatic Google backups.


    Settings -> Backup & Sync  [off]

    In the list of options under Google Settings,
    find “Google Photos Backup” and disable this.

    and

    Settings -> Personal -> Backup  [disable].
    (if that is on your device)

    Disabling the fingerprint scanner is suggested as well.

    * more info.


11. Install dns66
blocks (bad) dns traffic
https://f-droid.org/en/packages/org.jak_linux.dns66/


BONUS

a. Install FING to analyze your network

    https://play.google.com/store/apps/details?id=com.overlook.android.fing

b. Install WiFi-Analyzer for the same reason

    https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer


If you are using other tools or processes
please let us know, so that we can pass those along!


Tags:

Our blog contains...

Tips, news and workflow articles on mobile auditing platforms, such as smartphones and tablets.

mobile auditing tips

<<  December 2018  >>
MoTuWeThFrSaSu
262728293012
3456789
10111213141516
17181920212223
24252627282930
31123456

View posts in large calendar