What is your Mobile security setup these days?

Discussion in 'mobile device security' started by guest, Nov 15, 2016.

  1. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    Can you write why, and what do you recommend as an alternative?
    TH.
    :)
     
  2. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,002
    Location:
    Member state of European Union
    Biometrics is good for mobile. Theoretically better protections are worse if you don't use them or pokes holes (increases autolock delay). In this case convenience is key to security. Better is enemy of the good. To enter passphrase privately in public you would have to go full Snowden anyway.
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,213
    Sampei, because you cannot change your biometrics, so if someone has them = they can be you. Also, the way biometrics are implemented, they aren't foolproof, and false positives are possible with relatively high probability.
    Mrk
     
  4. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    344
    Location:
    Finland
    Hi,
    Still using very old Xcover 2 with all the google stuff disabled and using only 2G with pre-paid sim card.
     
  5. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
  6. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    Last edited: May 3, 2021
  7. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,213
    With just UBO, I get 93%.
    Mrk
     
  8. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    McAfee. comes with my service. seems to work just fine.
     
  9. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,869
    i wont trust Opera, never, to read
    https://decrypt.co/69276/opera-brow...urce=reddit&utm_medium=social&utm_campaign=sm
    do you really think they will behave different on android?
    https://spyware.neocities.org/articles/opera.html

    Opera is owned by Qihoo and Qihoo is neither nor trustable.
    Even Adguard (Premium) with Chrome or any other naked browser dont show this popup here.
    Adguard is also resolving DNS.
     
  10. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    Android Opera by default is not optimal.:thumb:
    But I lose about 5' to configure the browser optimally.
    With Android Firefox I assume I need at least 1 hour to do the same.
    ;)

    https://chrisx.xyz/blog/yet-another-firefox-hardening-guide/

    https://restoreprivacy.com/firefox-privacy/

    https://privacytools.io/browsers/#about_config

    ___________________________________________________________

    I am now back to 100%

    Opera.jpg
     
  11. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,869
    my result of the links you gave
    i use two builds of Firefox for android, the last final before they upgraded - v68 with my beloved extensions as on desktop, and the nightly with only few but vital extensions. the only change for nightly was to accept enterprise root certs because of adguard. to use all extensions like v68 i need to build my own collection in my firefox account (firefox nightly can use users collection). i dont see any evidence why not to use firefox on android while opera is spying me without any notice.

    for the testing page _any_ firefox here will block the testing page because of ^.io in ublock (see other thread).

    one point that i dont pimp my firefox on android that much - i cant export my profile as on desktop, no rooted device. but for ublock i can ;)
     
  12. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    735
    Location:
    South Park, CO
    With Bromite browser on Android, I got 100% with default DNS and no custom settings.
     
  13. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
  14. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    Every browser by default has drawbacks.
    With the smartphone, my first rule is simplicity.
    I would never use Chrome and for different reasons I would not use Firefox.

    For the desktop browsers my requirements change, and in fact I don't use Opera.

    But keep in mind that even the least privacy-oriented browser can be set up for fair use.

    Obviously you have to know how to do it.;)

    I'll insert a thread that highlights exactly what I said above:

    https://msfn.org/board/topic/182370-extreme-explorer-360-a-how-to-guide-converting-remaining-chinese-to-english/

    Although that browser is not of my interest I have contributed to make it more secure, eliminating an insecure cipher suite created by the Chinese and not standard.
     
  15. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,002
    Location:
    Member state of European Union
    Threats vary. What is better for one situation may be worse for other. Average Joe care more about regular thief or mugger. Thieves usually don't have devices that can collect your fingerprints etc. Even worse with so much cameras around in public places entering PIN/passphrase/passcode is not safe from eavesdropping. Entering password to desktop computer in home is usually safe, but entering the same password in public place via touch screen is not.
    It is harder to eavesdrop on fingerprints than on password using cameras.
    @Sampei Nihira definitely check out about Lockdown Mode. Lockdown Mode disables biometric unlock. I believe biometric unlock is better in most situations, but sometimes you don't want to unlock phone until you are in secure place.
     
  16. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    Screen lock settings= PIN
    Biometric lock settings= Fingerprint

    I leave these settings.

    I still have a lot of testing to do with Private DNS.
    I think that the block of ControlD is excessive in some web site
     
  17. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,002
    Location:
    Member state of European Union
    It's ok to leave that settings. There is another setting for activationg/deactivationg lockdown mode that does not collide with aforementioned settings. It supplements them. Do you have (temporary) lockdown mode setting activated? I mean do you have an option to lock smartphone on the same menu used to turn off/restart smartphone?
     
  18. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    If I understand correctly, no.:)
     
  19. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,920
    No silly Android tweaks here. Just Kaspersky and a VPN service.
     
  20. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    735
    Location:
    South Park, CO
    On my new replacement phone, I use BitDefender Free and a bare minimum of F-Droid apps. I uninstalled all preinstalled apps that I don't plan to use. I'm considering activating DoT with a privacy DNS like AdGuard to protect the entire device once I become more familiar with this version of Android. (I had problems with DoH on an older Android device, but I think that was due to carrier issues.)
     
  21. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,869
    Maybe fdroid has some jewels inside which are hard to find.
    I use ZAPP for TV (direct download of apk), but nothing else. i kicked the fdroid app, pain to use.
     
  22. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,002
    Location:
    Member state of European Union
    Have you tried RethinkDNS?
     
  23. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,869
    If Adguard Premium is already installed there is no need for another DNS service. In fact i think this wont work together because both want to install a VPN service and android is only able to use one.
     
  24. newmember88

    newmember88 Registered Member

    Joined:
    Dec 25, 2008
    Posts:
    14
    wish there is a non-vpn firewall.
     
  25. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,869
    blokada, adguard, firewall (no-root) VPN services (eg Windscribe) are all VPN provider - you can only use one. they can only act as those android-wide otherwise you need to add those as proxy, eg adguard premium offers this for a filtering cascade - proxy need to be inserted into apps which have the ability to use a proxy.

    were asked anytime, eg
    https://www.reddit.com/r/androidapps/comments/cakibb/firewall_and_adblock_without_using_vpn_service/
    https://android.stackexchange.com/questions/182341/how-to-use-a-firewall-and-a-vpn
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.