Let's protect our Android


Android is a "fragile" operating system in some respects and "strong" in others; today we're going to look at one of its fragile points: security.
Our beloved robot, in fact, thanks to its versatility and its portability across platforms provided by the Linux kernel, is widespread on many devices, ranging from mobile phones to x86 versions for desktops, tablets, and ... refrigerators :). The credit goes above all to the dear kernel, adaptable to every need!
So, back to the point: security is a problem on Android. We often hear about new malware, backdoors, or flaws in the kernel, or at least in the core of the operating system, but today we'll see how to take shelter from malware, backdoors, phishing ...

1) Antivirus? No thanks!

Many people install antivirus suites, some even more than one ... But what does this mean?

  • Battery drain
  • Drain of resources
  • Useless protection.

Often, antiviruses also make a fuss about programs that we need! Below we'll see why antiviruses are useless.

2) Firewall!

ARTICLE LINK: Iptables, configuration
OK, so let's configure the firewall as in the guide linked above 🙂
Meanwhile, I'll also show you a firewall that blocks internet access for individual apps directly, whereas iptables blocks ports.
Play Store: NoRoot Firewall
NoRoot Firewall creates a VPN connection that lets it check which apps are trying to access the internet. Whenever an app tries to communicate with the outside, the firewall waits for your response. Just tap the notification and, in the activity, select "Allow" or "Deny".

3) Aptoide, external apk

Another way to avoid being infected is to avoid external stores such as Aptoide as much as possible, except Amazon AppStore and F-Droid. If you download from Aptoide, be sure that the app is verified by the team or, even better, download only from the official Aptoide store.
Now you will say: some apps on the Play Store have malware too. Yes, but the number is so small that it's almost impossible to get infected.
This is why antivirus is useless: taking your own precautions is enough.

4) Clean Master, CCleaner ... No thanks

Once again I repeat that Clean Master and CCleaner are useless; here are the consequences of using these tools:

  • Battery drain
  • Drain of resources
  • Sometimes a file that is useful to us gets deleted
  • Coming back to the drain: when Clean Master kills a process (Facebook ...), it is reopened by Android Services (not Play Services). After 1 minute or less your Facebook will be running again :3

Instead, wiping the cache from recovery does the job just fine 🙂

5) JavaScript Alert

JavaScript is an object-oriented programming language used mainly for web development, but it can also be used to develop desktop applications.
Before JS, web pages were static and their values did not change; only HTML was used, which, mind you, is a markup language and not a programming/scripting language. HTML defines pages, JavaScript animates them (on the client side, i.e. the visitor's).
Besides animating pages, JavaScript can also display dialogs that warn us of something ... This is done with a predefined function called alert(). It is very simple to use: just pass as an argument the string to be shown as the message:

alert("Message here");

A dialog box will then appear showing Message here, with an OK button to close it.
Now, when we open our browser we give away, without realizing it, information about our location, and also about which browser we are using and which operating system it is running on, through a parameter called User-agent.
So if the User-agent parameter is Chrome on Android (checked with a conditional statement in JavaScript), the page shows an alert saying: "Your phone is infected with 12 virus ..."
These messages are FALSE! They are not true, for the simple reason that unless you run a Java applet that really scans your phone, it cannot identify viruses! (I do not recommend running Java applets at random.)

6) Phone encryption

This is advice for those at risk of theft: if the phone is stolen, once it is turned back on it is impossible to decrypt the phone's storage if the password is not known.
Just connect the phone to the charger, have the battery at 80% or more, and have some patience 🙂
Go to Settings -> Security -> Phone encryption and follow the instructions.
I don't know which algorithm is used to encrypt the partitions; I think it is /data that gets encrypted.
Obviously, startup will take longer.

7) Lock screen: no patterns, no face unlock ... a 5-digit PIN

Again, let's avoid patterns and face unlock, and instead use a PIN of at least 5 random digits, something like 71360!

8) Cerberus anti-theft device

Another way to possibly find the phone if it is stolen is to install Cerberus. Personally I advise everyone to buy a license (3 EUR) and, if we have root permissions, to install the .zip package from recovery where possible, so that if the thief does a reset, Cerberus remains active ...
To carry out operations with Cerberus just go here, log in and you're done.

Download Cerberus here or here

Do you have root permissions? Better!

1) SuperSU: we activate PseudoPro, set passwords and some devices for the terminal

In the SuperSU settings, we activate the PseudoPro option, which enables SuperSU Pro for free. Yes, you shouldn't do it; I recommend buying it because Chainfire deserves it ... I admit that I did not donate, but I hope to do it soon.
Anyway: tick the PseudoPro checkbox, then, once the app has restarted, we select a PIN in the settings, in the main fragment, and we tell SuperSU to ask us for the password every 15 minutes for the terminal, so that nobody uses "su" without our knowledge.


2) CyanogenMod Privacy Guard

If you have CM, go to Settings -> Privacy -> Privacy Guard, then select the apps whose access to resources you want to restrict.

3) AdAway: away with advertising!

We can also install AdAway, which basically modifies the hosts file (/system/etc/hosts) so that all traffic to the various advertising sites is redirected to 127.0.0.1, which is your device's own address (aka localhost).
The hosts file is also useful for associating a name with an address, for example:
192.168.1.1 router

$ ping router
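
An added example (not from the original post or from AdAway): a small Python audit of a hosts file in the format described above. It separates ad-blocking entries from local name mappings and flags names pointed at any other address for review. The sample content, hostnames and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in /system/etc/hosts format (not a real blocklist).
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1 localhost
::1 ip6-localhost
127.0.0.1 ads.example.com tracker.example.net   # blocked ad hosts
0.0.0.0 banner.example.org
192.168.1.1 router
203.0.113.10 accounts.example.com
not-an-ip broken.example.com
"""

# RFC 1918 ranges: addresses on your own LAN, like the "router" entry.
LAN_NETS = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOCAL_NAMES = {"localhost", "ip6-localhost", "ip6-loopback"}


def parse_hosts(text):
    """Yield (address, hostname) pairs, skipping comments and bad lines."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:
            yield addr, name.lower()


def audit_hosts(text):
    """Sort hosts entries into blocked, LAN and needs-review buckets."""
    report = {"blocked": [], "local": [], "review": []}
    for addr, name in parse_hosts(text):
        if name in LOCAL_NAMES:
            continue  # the standard loopback names themselves
        if addr.is_loopback or addr.is_unspecified:
            report["blocked"].append(name)   # ad-blocker style entry
        elif any(addr in net for net in LAN_NETS):
            report["local"].append(name)     # name for a LAN device
        else:
            # A name silently pointed at some other server: check by hand.
            report["review"].append((name, str(addr)))
    return report


if __name__ == "__main__":
    print(audit_hosts(SAMPLE_HOSTS))
```

Anything in the "review" bucket is a name that resolves to a server you did not necessarily choose, so those are the entries worth checking by hand on a rooted device.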

Download AdAway: here.

4) SELinux ENFORCING !!

Many people disable SELinux to gain more freedom in customizing the operating system and for its overall stability. That works, but it has security consequences.
SELinux is a Linux kernel module developed by the NSA; this type of module is called "MAC", an acronym for Mandatory Access Control. It is an internal firewall that lets you control processes, files, their integrity, etc. ... in short, security operations.
You can disable it by setting the value 0 in build.prop (search for selinux); I suggest you leave it at / set it to 1.
Download Build.prop editor: here
