Android Security

Discussion in 'mobile device security' started by rm22, Jun 23, 2016.

  1. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
    I've been asked to help someone setup they're first smart phone - Acer Z630, Android 5.1 - but I've never used Android & don't really use my phone other then for calling/texting.

    Are there any good comprehensive guides for setting Android's native features securely & effective security Apps (preferably free) to compliment? Internet use will mainly be on public WIFI and will involve personal data.

    What native settings & additional Apps do you use on your Android phone for security?
     
    Last edited: Jun 23, 2016
  2. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    Avast Wi-Fi Finder
    "....There's no need to compromise. Check the security of each network and email, browse and make payments wherever you are....."
    https://play.google.com/store/apps/details?id=com.avast.android.wfinder&hl=en

    Imo it's foolish to use the internet on public WIFI involving personal data even with security programs. If the persons not computer savvy it's dicey to say the least.
     
  3. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,169
  4. subhrobhandari

    subhrobhandari Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    708
    Few things. First, some people are comfortable with rooting. If cyanogenmod is available for your device, you might flash that after backing up the current ROM. Most probably you will lose your warranty though. Rooting basically gives you admin access instead of limited user access. However, seeing you never used android before I would not recommend that.

    If you do not want to root, first thing you should do is install F-Droid. Try to use that instead of play store as much as possible, as F-Droid only contains FOSS apps. There are some firewalls which take advantage of creating of a local VPN to block some apps to access internet. FOSS example is Netguard (available on F-Droid), or search in play store for noroot filewall (I am using Simple Good Mobile's app). You will see numerous posts all over the internet stating how AVs for android is useless, as Google scans each app in the playstore. Yes, google does that, but it is far from perfect. Each month, there are reports that some app/apps with 50k-100k downloads were delivering exploits etc. So, try to stick with F-Droid as much as possible.

    So, you might want to install Virustotal app, it will scan all apps. However, there will be some false positives, in my case, I have five apps shown as malware which are false positives. Other than that, pick one realtime scanner. In my case, I use Webroot and Zemana, both are not free. Malwarebytes is good and free but drains battery. As the phone will be used in public, definitely install OpenVPN and import a profile. Warn the user to never connect in public wifi without VPN.

    There are other native settings like encrypting the whole phone, putting a good password.
     
  5. haakon

    haakon Registered Member

    Joined:
    May 25, 2015
    Posts:
    752
    Location:
    SW USA
    Yeah. That's just the ticket for some one who has never used Android for to help some one setup their first smart phone. :D

    Sophos Mobile Security (aka Free Antivirus and Security) is unarguably one of the best in its field. Fully loaded with all the goodies found in the big boys' paid versions. It's even powerful enough to block phone calls that abuse some SS7 vulnerabilities.

    Adguard for Android has a limited browser-only free version, but the paid version is so inexpensive it's practically free. Its ad blockers, phishing/malware protection, and spyware filter apply to all apps and systems. And doesn't get in the way of Sophos.

    IMHO, they're an unbeatable combo for the expert and the newcomer.

    Both have easy to access settings which will permit you to enhance security and protection without drilling into convoluted Android settings. Adguard has a nifty firewall which will let you near effortlessly toggle (3 swipes) connectivity for individual apps to WiFi or Cellular or both.

    Play store:
    https://play.google.com/store/apps/details?id=com.sophos.smsec&hl=en

    Adguard has to be installed from the Android Chrome browser. It's so good, Google won't allow in the their store. You'll need to enable (and un-enable when you're done) "Unknown sources" on the phone. Instructions are on their website:
    https://adguard.com/en/adguard-android/overview.html

    I run both on my Nexus 7.2 Android 4.4.4 and Moto G3 Android 6.0. I have several of my run anything click on anything family and friends running them on their Samsungs and LGs. Because none of them will ever listen to all that "don't do that" advice.
     
    Last edited: Jun 24, 2016
  6. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    525
  7. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
    Thanks for the replies all - there's a lot to research :) What about an Android version of NVT ERP? Or is App Whitelisting not effective on Android - from what i've read it looks like the intentional install of a malicious App is the most common route for infection?

    there's often no other option - i used to always use a payphone for banking while traveling, but they have pretty much disappeared. Whereas there is public WIFI easily accessible. Avast Wi-Fi Finder looks good - thanks

    So the default account is already a limited user? Good to know - I always setup a SUA account for users in Windows & Ubuntu. I'll skip the rooting if it's not needed - I don't even see an option for creating an Admin account so I assume it isn't essential
    I haven't used OpenVPN, but I was thinking I'd just install the Zenmate addon for Chrome. It works great as long as they're just using the browser for sensitive data

    Thanks, both look like good options. A few questions for you - I've come across a lot of... "Recent studies however show that mobile antivirus programs are ineffective due to the rapid evolution of mobile malware." , but i haven't seen much stating what is effective. So is it a matter of - the AVs aren't great, but there's nothing better? EDIT: Based on the AV test labs they certainly look effective...

    Would you use something like NoRoot Firewall along with Adguard (paid) or are it's block options sufficient? How does Adguard's browser addon compare to uBlocko?
     
    Last edited: Jun 24, 2016
  8. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
  9. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    I would just use something like Hotspot Shield for public Wi-Fi and call it good. I removed Norton from my phone because it just seemed like annoying overkill. I would not suggest rooting by any means.
     
  10. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
  11. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    Eh, it's another sensationalistic clickbait article. Don't install unknown stuff and be prepared to flash your phone back to stock if you do.
     
  12. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    There's an even better solution, buy a phone that gets updated.

     
  13. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    Thanks for the info. In the Android world, day to day, I am down to one tablet used as a ebook reader. But I do use it on the web here and there. I'll try Sophos for a while. (Although I, like many people, am not convinced an antivirus is all that effective on Android.)

    I switched to iPhone last year mainly for that reason. (Permissions control being the other key thing.) The only Androids that get timely updates are Nexus models. And only fairly recent phone models at that. And I never owned a Nexus. So my updates were delayed months and months (and sometimes more!)

    I liked my Android phones. But the lack of timely security updates became too risky for me.
     
  14. Nanobot

    Nanobot Registered Member

    Joined:
    Jun 23, 2010
    Posts:
    237
    Location:
    Neo Tokyo
  15. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Android situation has vastly improved this year thankfully, but different strokes for different folks.
     
  16. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
  17. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
  18. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Agreed! The solution for open WiFi is a VPN and there are plenty to choose from. I currently use F-Secure Freedome; works fine on Android and Windows.

    As for Avast I would recommend the antivirus & mobile security, anti-theft and cleanup & boost components which are all free (there are unobtrusive ads).
     
  19. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    I decided to install and test drive this. It does have a nice feature set, but one thing it doesn't appear to have is an icon that indicates it's running. It's nice to have an icon to verify that the security is active.

    Edit: There's actually a second download called Sophos Security and Antivirus Guard that is needed to protect the AV from termination; it doesn't add an icon either and it's curious that it's not just integrated.
     
    Last edited: Jul 3, 2016
  20. Cache

    Cache Registered Member

    Joined:
    May 20, 2016
    Posts:
    211
    Agreed that a VPN is really essential if you are going to be exposed to open WiFi. I find AirVPN to be excellent on my Nexus 9 tablet which of course also solves the other issue of timely updates to the latest Android releases.

    Like others have said, stay away from rooting and you should be fine with more or less any of the AV products. I would highly recommend uBlockO as your AddBlocker and although I'm in a minority, I like Firefox as my mobile browser.
     
  21. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
    yes - I didn't realize Chrome for Android does not have extensions...
     
  22. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    328
    Location:
    Canada
    @xxJackxx , @Victek are you guys using chrome for browsing along with a VPN - if so how have you disabled webrtc? With Android 5.1 and latest Chrome I do not see the flag "disable-webrtc" and don't see another option posted online

    @Victek did you stick with Sophos or Avast? I've had Sophos & Cyberghost on for awhile now - seems good

    @Cache have you found an AV that works with Firefox? I've looked at Sophos & Avast and neither one supports Firefox for Web Shield/Filtering. Or do you just rely on uBlock?
     
  23. Cache

    Cache Registered Member

    Joined:
    May 20, 2016
    Posts:
    211
    @Cache have you found an AV that works with Firefox? I've looked at Sophos & Avast and neither one supports Firefox for Web Shield/Filtering. Or do you just rely on uBlock?[/QUOTE]

    I use Webroot (free version) and find that it works well.
     
  24. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    I really do near zero browsing on my phone. When I do I use the Samsung browser and Adblock Fast. I am near a desktop or laptop PC at almost all times, so I use those for browsing. I never connect to public wifi.
     
  25. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Currently I'm beta testing Zemama Mobile Security (there's a dedicated thread here); I've used both Sophos and Avast previously and they both seemed fine. I still use the Avast Anti-Theft component. For browsing I use Dolphin. I don't know if Dolphin blocks webrtc, sorry. Why is webrtc a concern?
     
Loading...