What is your Android security setup these days?

Discussion in 'mobile device security' started by Overkill, Jan 31, 2014.

  1. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
    AFAIK no AV support protection for firefox. Most AV only support stock browser and Chrome (recently they are same), some AV like Avast and Trustgo add some more, but not firefox.

    For your bit of relief, Android version of firefox supports Google Safe Browsing by default. For Chrome, it only applicable when you enabled contents compression, tho it has some privacy risk (Google's server can tell what URL you visited except SSL site).
     
  2. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    Well I have added malwaredomainslist to AdAway + use NortonDNS so I guess that is enough "phishing protection" anyway.

    So far I am thinking about:
    Bitdefender Free (scan on demand + downloads, nothing more)
    NQ Call Blocker (SMS and call blocker from NQ security.. I dont know the company and cant find much info about their trustworthiness..only know they produce security software for android)

    Or the paid version:
    ESET (file scan, sms/call blocker, security audit).. Probably the better bet as I rather trust ESET than NQ?
     
  3. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
    I forgot one thing, before you install an app, not only strictly audit its permission but also search for the app's and dev's reputation.
    If you don't know much about NQ, it would be better not to use their app as it requires many permission.

    Here's my summary of quick search (maybe not useful:p):
    NQ Mobile is a mobile security company established by a young Chinese entrepreneur in 2005, headed in Beijing tho it also have stronghold in Dallas, Texas in U.S.
    It bought an online game company in Beijing in 2010-2011 and made subsidiary of FL Mobile, also in 2013 bought Nation Sky who provide moblie service for corporate. They are very global company and more than 50% income are from outside China, have near 4 hundread million customer around the world. Also cooperate with many famous company not limited to Chinese ones, including America Movil and US Cellular.
    Its game department FL Mobile also have near 1 thousand million customer and 16 millions are active user. Their filu.com is the No.1 iOS game publisher in China, even when combined with Android and others still No.3. They also makes money from advertising from those sites.
    Nation Sky have more than 1,000 corporate customer, and providing MDM and data, security services.
    In short, they are rapidly growing company. Their gross profit rate is more than 65% and operating profit 30%.

    Then, see this secroid result. "High" risk is not much important as it just mean it have potentially dangerous permission sets, but what I noticed is it can send many personal info partly for ads. So I won't use unless at least block those communication via firewall.

    * secroid is not just a permission checker, but also it examins apk and check library against known database, and if it find unknown intermediate codes it do static analysis for API call. When certain app made a security related fuss, they even manually analyze the questioned app. But do not expect too much, as it basically automated simplified analysis and not meant to detect malware.
     
    Last edited: Feb 28, 2015
  4. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    I totally agree with you. So for my phone I use this security setup:

    Security setup:
    Encrypted | VPN 24/7 | SuperSU to mange root | Disabled untrusted certificates (bye spying governments) | OverrideDNS to use NortonDNS on 2G/3G/4G/Wifi | AdAway with malwaredomainlist | App Ops to disable permissions on apps | Telegram for secure chats | Firefox with HTTPS-Everywhere & AdBlock Edge | ESET Premium for File Scan, SMS & Call blocker, Security audit

    For my girlfriend it is the same except that I installed Bitdefender free (simple, lightweight & free file scanner of downloaded & newly installed apps/files as well as on-demand scan) instead of ESET Premium.

    I trust the companies/developers of the apps I chose and I belive it is a good mix of effective vs. lightweight.

    Thanks again for your help. I will keep watching this thread for further suggestions :)
     
  5. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
    Woops, I mistakenly pasted comment to other posts (removed)!:oops: Pls forget it!

    You're welcome, glad to see you could find your best.;)
     
  6. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
  7. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
  8. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    Sure, I will be happy to read your comment about it on xda or wilderssecurity or pm, how ever you want to comment ;)
     
  9. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,201
    Location:
    UK
  10. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I will never use CM products. Ever. They dial home far too much. I block China on my UTM, so nothing gets out, but I also blocked CM's calls to AWS. I finally realized that it's better to just uninstall that junk.

    I like TREND the best for Android.. Light as a feature, full featured. The remote find/lock features alone are TOTALLY worth it.
     
  11. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    Mhh looks like it has too much "bloat features" for me :/ I still prefer ESET Premium or Bitdefender free ! :)
     
  12. ReverseGear

    ReverseGear Registered Member

    Joined:
    Mar 21, 2010
    Posts:
    1,551
    Location:
    Mumbai
    This thread should be named - Android paranoia security setup

    Just using bitdefender free and adaway
     
  13. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    On the bright side. Trend also replaces CM's spammy products. Optimizers in Trend are at least as good as CM, if not better.
     
  14. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    Your phone has probably more information and sensible data stored than all your PC's together. When I look at your windows setup and compare it to my android setup, then I see nothing more "paranoid" on the android setup.
     
  15. ReverseGear

    ReverseGear Registered Member

    Joined:
    Mar 21, 2010
    Posts:
    1,551
    Location:
    Mumbai
    Even on my pc there are only 2 realtime protection - av and adblocker
     
  16. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,312
    Location:
    USA
    Just installed it and i'm kinda confused...how do you add lists?
     
  17. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
    Very good summery about Android security and privacy!:thumb:
    Here's possible improvements:

    -You can add "Privacy" flag to Firewall and SuperSU.
    -As a reference: some AV levarages heuristics and clould reputation to detect unknown malware.
    -I personally think calling AV's anti-theft useless is too much, tho Android built-in device manager is good enough, still some AV adds useful function such as taking photos (remember, the most threat on Android is theft and lost, not malware).
    -Certificate control has been actually available from Andorid 4.x.
     
  18. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,201
    Location:
    UK
    The green "+" sign on the right of the top window.

    You can also add addresses from the live log by highlighting and hitting the no entry symbol
     
  19. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,312
    Location:
    USA
  20. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    I use one on android and only recommend the usage of one.
     
  21. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    Thanks I will work on the guide within the next few days :)

    @Edit: With 5.1 I believe the built in anti-theft is way but than any av-solution ? Also you can simply "flash over" the av anti-theft except when the phone is encrypted.
     
  22. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
    Sorry I have no idea about 5.1, I have to look into it. I don't get what "flash over" means thanks to my English limitation but do you mean those who picked lost phone can uninstall AV?
    Usually they have password protection, and when just after phone is turned on they can take photos and send it to cloud.
    If attacker was careful and never turn on the phone, instead pull off battery & its internal storage, connect it to PC, make a backup copy of them before they do wicked things then surely AV won't help and in this situation only FDE is the effective counter measure.
     
  23. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    If a custom recovery (e.g. twrp) is installed then you can just boot into recovery, flash a random rom (or stock ROM) or factory reset - this will remove the anti theft. None of the anti theft methods are flash-proof :/
     
  24. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,995
    Location:
    USA
    I install anti-theft in order to locate the phone if I should leave it somewhere, and so there's a chance I will be able to erase the data remotely if it's stolen. Recovering a stolen device seems unlikely.
     
  25. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
    I thought that requires root access, ofc in Nexus getting root is breeze but some devices are really hard to get root (most of them are those which hardened by LSM).
    Anyway when adversary was such determined, only reliable protection will be FDE.
    What if the device ran out its battery when you find you lost the phone?
    BTW, I guess maybe you confuse the term recovery.
     
    Last edited: Mar 16, 2015
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.