Android/iPHONE apps for better privacy/security

Discussion in 'privacy technology' started by ComputerSaysNo, Nov 29, 2012.

Thread Status:
Not open for further replies.
  1. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,424
    What is out there for Android/iPHONE apps for better privacy/security?
     
  2. parsec

    parsec Registered Member

    Joined:
    Aug 2, 2011
    Posts:
    68
    Location:
    /local/galaxy_cluster/milky_way/sol_system/earth
  3. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Start off by encrypting with the built in ICS/Jelly Bean encryption. It will use your lock screen PIN/Password as the key, limited to a max of 16 characters (but 16 is good if they are randon, not words, etc...). I personally don't mind typing 16 characters for my lock screen, but if you do, you can encrypt with a weak key, and then use EncPassChanger from the Play Store, to change the Pre-Boot Key to anything you want. But: a weak unlock code is bad practice IMO.

    If you root, re-lock your boot loader after you have everything set up the way you like. Depending on which OS version/hardware you have, there is an app on XDA, that will allow you to lock/unlock the boot loader at will, from within the OS. It is protected by your screen unlock pass - see above.

    Running a custom ROM based on AOSP is the safer bet, then a carrier provided one, IMO. No bloat, no hidden goodies like CarrierIQ, etc... Check out Rasbean Jelly if you have a Nexus device.

    Don't leave Developer or USB Debugging options enabled:

    https://www.youtube.com/watch?v=ah7DWawLax8

    After that, it's Apps. Some of these require root, but most don't. In random order: (After you get a VPN provider that allows OpenVPN access) OpenVPN for Android by Arne Schwab, Orbot, KeePass, LastPass (pay version for mobile - $12 a year), Encryption Manager, DroidCrypt, EncPassChanger, History Eraser, 1 Tap Eraser, A firewall to block the Android GPS Daemon/Service and any other apps you don't want communicating on the network (GPS lock will take longer, but not much, and it still works), anything from the Guardian Project. I still haven't played around with anonymous SIP with Guardian's OSTEL/CSIPSimple combo, but it looks interesting.

    There is a rumor that Moxie is working on an updated WhisperCore for Jelly Bean, sometime in 2013.

    I 'no habla' Apple, but Silent Circle and Wickr are out there. I read on an LE forensic forum, that Wickr does what it says in an informal test - YMMV. They are pretty sparse on the technical details of what they do, from reading their site, but who knows.

    PD
     
    Last edited: Nov 30, 2012
  4. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,424
    Are there any GPS jammers out there for iPHONE/ANDROID?
     
  5. x942

    x942 Guest

    Good post. I would like to add:

    Text Secure - open source encrpyted texting database + Encrypted messages over the wire to other users. Open source means it can be reviewed and known to have no backdoors which you can't do with Silent Circle (apparently they will release source) or Wickr.

    Red phone - Open source and EASY to use encrypted phone calls. Uses your number as your "id" no need to register a new account or anything. Uses ZRTP to encrypt calls.

    More: http://forum.xda-developers.com/showthread.php?t=1954513

    I take it to a further extreme. I remove all Google Apps. Use AOSP, Disable NFC, Bluetooth, Camera via /dev/ permisions, harden sysctl, use F-Droid to install the apps mentioned above, disable installing apps (remove "pm" and installerpackage), change adb permisions so it can't run, and disable all unneeded binaries.

    You can really harden android thanks to it running on the linux kernel.
     
  6. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    will come in handy once i purchase myself an android , just waiting for better specd phones to release , not happy enough with the current ones
     
  7. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Great "specs" and the best bang for your buck ;) - https://www.google.com/nexus/4/
     
    Last edited: Dec 4, 2012
  8. QVX11

    QVX11 Registered Member

    Joined:
    Jul 19, 2011
    Posts:
    5
    Is the device encryption in Gingerbread as good as the encryption in ICS?
     
  9. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802



    SDHC not supported, fixed battery, not waterproof, looks horrible generic,specs not good enough, battery life nothing compared to Motorola RAZR i or DROID RAZR MAXX HD

    not yet , as ive said not quite what i need just yet available :doubt:, was hoping something like a mixture of the Motorola RAZR i design with droid razr maxx hd battery life and lg optimus g hardware and sdhc support ,and the usual goodies , still a dream as of now
     
    Last edited: Dec 5, 2012
  10. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Doh! Those are the two I use the most...don't know how I forgot them! LOL.

    PD
     
  11. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Sadly there is no LTE support either - hard to understand...
     
  12. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163

    If you need all that, then you are correct, and only you can decide. The specs as far as CPU/GPU/RAM/Screen/Camera are good though. I own a GNex and personally don't miss any of the stuff mentioned (waterproof?). With Rasbean Jelly and Franco Kernel, it's 'fast enough' for what I do with a phone and just plain fast comparing with other devices in Quadrant. With StickMount OTG I could plug in 64gig MicroSD cards...or 3 TB hard drives...but if it *must* be in the phone, you are correct. I don't use my phone as a media storage device...I have a Tablet/Laptop for that stuff.

    I personally could never imagine *not* choosing a Nexus device...I want total control over what I paid for. I'd look for a GNex though, the 4 isn't that much better (or anything else for that matter) IMO, after tweaking.

    PD
     
  13. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    HSPA+ 42, and it has Band 4 LTE that can be hacked on. T-Mobile is rolling out Band 4 LTE. But again, if 5-10 Mbs isn't good enough, fair criticism...but man, what do you guys do on your phones? :D I regularly get 6Mbs here locally (GNex HSPA+ 21), and I'm on a StraightTalk SIM using AT&T towers. LTE would have required a radio for each carrier, GSM & CDMA - either one very expensive version, or 4 different versions. The Verizon LTE GNex is 3 updates behind, and LTE eats battery. $299-$349 would have been a pipe dream. What are unlocked iPhones, $700?

    PD
     
    Last edited: Dec 5, 2012
  14. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Thanks for clarifying. I was thinking along the lines of why release a device with many state of the art specs and leave out LTE? Whether or not anyone needs it is a separate question :D
     
  15. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    yes waterproof and rugged build, you wouldnt imagine how easy you can mess up your phone in humid or wet weather , and its not always dry where i run around ;) , hell one of motorolas razr max specs is waterproofdness as well shouldve added that in order to understand what ive meant with that statement and yes i dont need any external items all must be integrated , and yes total control is of course to be expected of any secure device purchased , nothing else would be allowed a place in my inventory , perhaps 2013 will bring us the dream phone , latest 2014 id say :ninja:
     
    Last edited: Dec 5, 2012
  16. x942

    x942 Guest

    Check out the Rugby LTE (Rugby Pro in US). It's waterproof and military specs, supports SDCards too. Only thing you are losing is Quad-Core. If your trust samsung they have AES256 FDE on board, otherwise root and install CyanogenMod or some other custom rom.
     
  17. x942

    x942 Guest

    Gingerbread didn't have full disk encryption. Samsung added it to the S2 themselves (AES256). They are the only ones I've seen with it on gingerbread.
     
  18. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802

    dont trust samsung when it comes to securing my device of course the one and only way would be to root and install a custom secure rom,and yes the hardware specs are nothing compared to lg optimus G , sorry, as ive mentioned in my first post what i was looking for , its still staying at that , btw rubgy is fuuuugley ,dont get me started on those specs, no offense , as said design wise im lookin for Motorola RAZR i`s , its freakin hot nothing comes close to it when concerning mobile phone design , unless someone can prove me wrong :), its sad to see hardly anyone doing something fresh with phone designs its all either everyones running around with an overpriced toyphone aka iphone5 or generic uninspiring smartphone boredom on the market, wheres the creativity , sadly not much going around nowadays
     
    Last edited: Dec 6, 2012
  19. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,424
    BACK ON SUBJECT

    Are there any GPS jammer apps? I don't want to be tracked using GPS so is there a APP that blocks GPS?
     
  20. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
  21. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,424
    Can you turn GPS off on iOS/iPHONE?
     
  22. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Sort of relevent:

    Does anyone know of a service that can give a temporary, real phone number, that can receive a GoogleVoice authentication call when adding a forwarding phone? Free or paid, but I don't want a subscription. I found one that had a $2.99 fee for one hour (NotMyNumber) but I can't get the site to do anything. Even tried it in a bone stock IE install. Others have the caller enter an extension, which won't work either. Yes, all interaction with Google on either the desktop or Android phone, will be over either Tor or VPN with GrooveIP.

    Thanks,

    PD
     
  23. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
  24. x942

    x942 Guest

    No apps but you could if you really wanted to disable the GPS in /dev/ (on a custom rom).

    Word to the wise though: You phone will ALWAYS know where it is. It has too for it to work and be able to switch between towers seemlessly. Even with GPS off your phone can always be trianglated if turned on. (But realistically only by law enforcement).

    iOS encryption is weak. I work with computer/Phone forensics all day and can tell you that apple seriously exaggerates the security of "deveice protection". The whole scheme is easly bypassed as the encryption key is loaded at boot time.

    On the iPhone 4s and bellow you can use hardware (bootrom) exploits to load a custom RAM disk and dump the ENTIRE contents of the phone in plain texts. Even with Password enabled. Things that are NOT encrypted by you password (Private key as apple says):

    - Texts
    -Contacts
    - Call history
    - GPS History
    - Photos
    - Web browser history
    - E-Mail
    - Notes

    the iPhone 5 will fail here too once someone finds a bootrom exploit. If you want security stick with Open-Source so you can a least know what it's doing and can add real encryption if it doesn't have it. iPhone encryption is only good for Remote Wipe as it wipe the key rendering all data irrecoverable in less than 30 seconds. For everything else (data at rest) it's useless as it decrypts on boot without a password being needed.

    Apple should allow you to set a pre-boot password just like File-Vault on the Mac. This would fix this flaw. In theory their encryption scheme is great, their implimentation fails however.
     
Loading...
Thread Status:
Not open for further replies.