Android is a "fragile" operating system for some points and "strong" in others, today we're going to see one of its fragile points, the safety.
Our beloved robot fact, thanks to its versatility, portability in various platforms, thanks to the Linux kernel is widespread in many devices, ranging from mobile phones to x86 versions for desktops, tablets, and ... refrigerators :), the credit is more than anything else, the dear kernel, adaptable to every need!
So, back to us, security is a problem on Android, we often hear about new malware, rather than backdoors, or flaws in the kernel, or at least in the core of the operating system, but today we'll see how take shelter from malware, backdoors, phishing ...
1) Antivirus? No thanks!
Many people install antivirus suites, some even more than one ... But what does this mean?
- Battery drain
- Drain of resources
- Useless protection.
Often, antiviruses "break" for programs that we need! And then we'll see why antiviruses are useless
ARTICLE LINK: Iptables, configuration
Ok, so let's configure the firewall as in the guide linked above 🙂
Meanwhile I also show you a firewall that blocks internet access to apps directly, iptables locks the doors.
Play store: NoRoot Firewall
NoRoot Firewall, will create a VPN connection that will allow the app to verify which apps are trying to access the internet. Whenever an app is trying to communicate with the outside, the firewall is waiting for a response. Just click the notification, and in the activity select "Allow" or "Deny".
3) Aptoide, external apk
Another way to avoid being infected is to avoid as much as possible external stores like Aptoide, except Amazon AppStore ed F-Droid. If you download from Aptoide, be sure that the app is verified by the team, or even better if you download only from the official Aptoide store.
Now you will say: Also on the PlayStore some apps have malware, yes, but the number is so small that it's almost impossible to get infected.
This is why the antivirus is useless. All you need is personal care.
4) Clean Master, CCleaner ... No thanks
Once again I repeat that Clean Master, CCleaner are useless, here are the consequences of using these tools:
- Battery drain
- Drain of resources
- Sometimes, a file useful to us is deleted
- Reconnecting to drainages, when Clean Master kills a process (facebook ...) this is reopened because of Android Services (not Play Services). After 1 minute or less your Facebook will still be running: 3
Rather, a recovery wipe cache does just fine 🙂
alert ("Message here");
then a dialog box will appear telling us Message here, and an OK to close that window.
Now, when we open our browser we unconsciously give information about our position, but also about which one Browser we are using, and on which operating system the browser is running, due to a parameter called User-agent.
These are messages FALSE! They are not true, for the simple fact that unless you run a java applet that really scans your mobile you cannot identify viruses! (I do not recommend running Java Applets caso at random).
6) Cellar cryptography
This is a tip for those who are at risk of “stealing”, in fact if the mobile phone is stolen, as soon as it is turned on again it is impossible to decrypt the phone archive if the password is not known.
Just connect the phone to the power supply, have the battery at least at 80% and have 1 patience now 🙂
Go to Settings-> Security-> Phone encryption, follow the instructions.
I don't know with which algorithm the partitions are encrypted, I think instead it is encrypted / given
Obviously the start will be longer
7) Lock Screen: No sequence, face unlock ... PIN from 5 digits
Again, we avoid using sequences or face unlock, but we use a pin with at least 5 digits at random, as I know 71360!
8) Cerberus anti-theft device
Another solution to maybe find the phone if it's stolen is to install cerberus. Personally I advise everyone to buy a license (3 EUR), and if possible use the .zip package in recovery if we have root permissions, if the thief makes a restoration, cerberus remains active ...
To carry out operations with cerberus just go here, log in and you're done.
Do you have root permissions? Better!
1) SuperSU: We activate the PseudoPro, we set passwords and some devices for the terminal
In SuperSU, in the settings, we activate the PseudoPro option that activates SuperSU pro for free, yes, you shouldn't do it, I recommend buying it because Chainfire deserves ... I admit that I I did not donate but I hope to do it soon.
However: we click on the checkbox for PseudoPro, then once the app has restarted we select a pin in the settings, finally in the main fragment, we tell SuperSU to ask us the password every 15 minute for the terminal, so that nobody uses "su" to our knowledge.
2) CyanogenMod Privacy Guard
3) AdAway, via advertising!
We can also install AdAway which basically modifies the hosts file (/ system / etc / hosts), redirects all traffic from the various advertising sites to 127.0.0.1 which corresponds to your address on your device (aka localhost).
The hosts file is also useful for associating a name with an address, for example
$ ping router
Download of AdAway: here.
4) SELinux ENFORCING !!
Many people disable SELinux to have more freedom in the customization and overall stability of the operating system. Yes, that's right, but we will have security consequences.
SELinux is a Linux kernel module developed by the NSA, this type of module is called "MAC", acronym for Mandatory Access Control. It is an internal firewall, which allows you to control processes, files, the integrity of the latter, etc.… security operations.
You can disable it by setting the value 0 in the build.prop (look for selinux), I recommend you leave it / set it to 1.
Download Build.prop editor: here