Android Security

Discussion in 'mobile device security' started by rm22, Jun 23, 2016.

  1. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    I just disabled Web Protection, restarted my phone and re-enabled Web Protection and the the test page is now blocked.
     
  2. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    849
    Yes. Just click the Norton checkmark at the top right.
     
  3. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    849
    :)
     
  4. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,199
    No:
    As mentioned earlier, Android doesn't offer partial updates. Hence, if there are no updates for your smartphone WebView is also affected - unless you're using a Nexus phone or that app is already installed (and not deactivated). But I've seen many smartphones where this is not the case. It was, e.g., not installed with my Cyanogenmod system.
    Yes, I know. But we all know that many smartphones will not get an Android 7 update.
     
  5. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    So by "no" I guess you meant "yes" by linking to the app on the play store... lol. Just because it states "system component" doesn't make my statement any less true. They are basically replacing this with Chrome.

    So basically what I said is correct and the app updates are limited/restricted by XYZ conditions, gotcha.

     
  6. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,199
    I don't know why you're deliberately neglecting the fact that that app is not installed by default. English is obviously not my native language but I don't think that this part of my message was that easy to misunderstand.
     
  7. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    i forgot to reply to this... Dolphin appears to not support Webrtc - so it does not leak your IP. But I don't see a way to block 3rd party cookies so I'll pass on it
     
  8. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Thanks for getting back on this. I'm glad to hear that Dolphin doesn't leak the IP, but I decided to uninstall it anyway and install Firefox with uBlock; works better in certain respects.
     
  9. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    I've done the same
     
  10. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    I’m compiling the Android issues I’ve come across over the last few weeks so thought I’d post here for reference.

    I’m currently using the following config:
    Avast AV, Anti-theft & Wifi-finder
    CyberGhost VPN (free)
    Firefox w/uBlockO
    Hangouts (SMS)

    Call blocking is covered with Avast AV & SMS (text) blocking with Hangouts

    · Unfortunately AdGuard & firewalls cannot be used with a VPN so they were dropped as options (However, if the phone is rooted you can use AdGuard or firewalls with a VPN)

    · Only 1 app at a time can control SMS on Android(5+) – so no AV can block SMS even though many still state that they do

    · The phone carrier (Rogers) also provides SMS blocking & other features via a web portal so could also use something like CallControl (free) to get broad SMS filter rules & still be able to block unlimited specific numbers with the carrier.

    · Firefox is the only browser I’ve found that allows to: disable Webrtc, block 3rd party cookies, browse ‘private’, set search to duckduckgo, use uBlockO (or similar)… Unfortunately, Norton is the only AV that supports Firefox for web-filtering (but users report on Norton forum anti-theft tools are not reliable currently). Sophos actually crashes when blocking a malicious download from Firefox (works great with other browsers though). Webroot & Avast are both compatible with Firefox, but no web-filtering – which really isn’t a big deal with uBlockO installed & Avast reports support is coming.

    i think that's about it...
     
    Last edited: Aug 8, 2016
  11. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,199
    That's incorrect. You can still use AdGuard in http proxy mode, including its firewall. If it comes to other firewalls, there is, e.g., Afwall+ but you need root for it.
     
  12. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    ok, you're right - I should have stated "unless the phone is rooted". Thanks for catching that - I'll edit the post
     
  13. Nzyme

    Nzyme Registered Member

    Joined:
    Mar 8, 2014
    Posts:
    4
    1. NetGuard - no-root firewall / NetPatch Firewall - Advanced (for apps calling home)
    2. Bitdefender Mobile Security & Antivirus
    3. Firefox Browser
    4. uBlock Origin & Ghostery add-on
     
  14. guest

    guest Guest

    Nice. Maybe kill Ghostery (questionable privacy policy) and add SDMaid instead.
     
  15. Cache

    Cache Registered Member

    Joined:
    May 20, 2016
    Posts:
    445
    Location:
    Mercia
    Rather belatedly I have just realised that my Nexus 9 tablet has not received any security updates since October 2017 and won't be getting anymore. Google just stop sending updates when, in their infinite wisdom, they believe it's time we scrapped our older devices and bought shiny new ones!

    Anyone know if it is a real security threat to continue using such devices as long (cautiously) or should I give in and scrap an otherwise perfectly good tablet?
     
  16. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    Nothing is 100% secure so its possible you will get something whatever you do.

    The usual advice applies; dont install apps from 3rd party sites.
    Play has been hit sometimes with bad apps so maybe for you just update what you already have unless they have been around for a long time.
     
  17. Cache

    Cache Registered Member

    Joined:
    May 20, 2016
    Posts:
    445
    Location:
    Mercia
    Well I'm not giving in yet. I'm careful with my apps and have Webroot running just in case. I just find it disgraceful that Google abandon security updates for a device that is less than three years old. I can accept not updating with the latest Android version but to stop security updates is not acceptable.

    Windows 7 devices by contrast will get security updates for another two years, regardless of the age of the machine on which the OS is installed.
     
  18. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    I am just using Adguard DNS for adblocking. Nothing else. Pixel 2 XL here.
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    What if your smartphone gets stolen, is there a way to encrypt data on Android?
     
  20. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
  21. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,557
  22. 142395

    142395 Guest

    Even after you enabled encryption, if you set weak password or used pattern, it may not protect your data well. Pattern is almost as strong as 3 letters with lower and upper case, and sebum on screen can be used to know the pattern. If you use CopperheadOS, you can separate encryption password from unlocking pattern. But I can't use Copperhead or even Lineage as a main phone for some reasons. As a compromise, I created 2 accounts on the android phone, one is owner exclusively used for call and some email, the other is for all other use such as browsing, using apps, etc.. Owner has so-so strong password which is needed after reboot or when I make outbound phone call, while every day profile uses pattern. I can get inbound call on this profile. As the profile doesn't have SNS functionality, its contacts is empty, this will limit the damage even if I got some trojan on it. But TBH, even contacts on owner account is close to empty... I only put often used addresses for convenience. I have full contacts on paper and old feature phone only, and remember important phone number in brain. I can't trust Google, not limited to contacts, but I'm forced to use Google map daily and heavily, so they know where I am...
     
  23. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,557
    To "clarify", this is the procedure Samsung now calls "Secure Startup", which can only be applied to an already encrypted phone. The difference with the default process in Android 7 Nougat, is that the PIN, password or pattern must be entered before the boot, not after it. Supposedly more secure, but the boot is slower, not very important in a phone.

    All phones sold with Android 6+ pre-installed are encrypted by default. If the phone was sold with Android 5 and later updated to 6, it may be not encrypted. In this case, there should be a configuration option to encrypt it.

    If the phone was sold with Android 6 pre-installed and later updated to 7, it may be encrypted using "full-disk" encryption. In this case, there may be an option to change it to the Nougat standard "File-based + Direct Boot" encryption. If this option does not appear, the phone is already encrypted using the Nougat default method (this happens in Samsung phones).
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Thanks everyone for the info, I'm a complete NOOB when it comes to this topic. But if I understood correctly, if you enable encryption it shouldn't make a smartphone that much slower and it won't screw up your data?
     
  25. 142395

    142395 Guest

    If you use newer device, slowdown will be unnoticeable. But it's always good to take backup of your data before enabling encryption. I once tried encryption on an old device, and it somehow failed and all data were gone.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.