Discussion in 'mobile device security' started by guest, Nov 15, 2016.
Can you write why, and what do you recommend as an alternative?
Biometrics is good for mobile. Theoretically better protections are worse if you don't use them or pokes holes (increases autolock delay). In this case convenience is key to security. Better is enemy of the good. To enter passphrase privately in public you would have to go full Snowden anyway.
Sampei, because you cannot change your biometrics, so if someone has them = they can be you. Also, the way biometrics are implemented, they aren't foolproof, and false positives are possible with relatively high probability.
Still using very old Xcover 2 with all the google stuff disabled and using only 2G with pre-paid sim card.
Thank you both for the explanation.
Did some tests by changing DNS always with Opera, same conditions:
ControlD = 98% 100%
Quad9 = 69%
Adguard = 63%
Cloudflare = 65%
Cleanbrowsing = 63 %
With just UBO, I get 93%.
McAfee. comes with my service. seems to work just fine.
i wont trust Opera, never, to read
do you really think they will behave different on android?
Opera is owned by Qihoo and Qihoo is neither nor trustable.
Even Adguard (Premium) with Chrome or any other naked browser dont show this popup here.
Adguard is also resolving DNS.
Android Opera by default is not optimal.
But I lose about 5' to configure the browser optimally.
With Android Firefox I assume I need at least 1 hour to do the same.
I am now back to 100%
my result of the links you gave
i use two builds of Firefox for android, the last final before they upgraded - v68 with my beloved extensions as on desktop, and the nightly with only few but vital extensions. the only change for nightly was to accept enterprise root certs because of adguard. to use all extensions like v68 i need to build my own collection in my firefox account (firefox nightly can use users collection). i dont see any evidence why not to use firefox on android while opera is spying me without any notice.
for the testing page _any_ firefox here will block the testing page because of ^.io in ublock (see other thread).
one point that i dont pimp my firefox on android that much - i cant export my profile as on desktop, no rooted device. but for ublock i can
With Bromite browser on Android, I got 100% with default DNS and no custom settings.
Every browser by default has drawbacks.
With the smartphone, my first rule is simplicity.
I would never use Chrome and for different reasons I would not use Firefox.
For the desktop browsers my requirements change, and in fact I don't use Opera.
But keep in mind that even the least privacy-oriented browser can be set up for fair use.
Obviously you have to know how to do it.
I'll insert a thread that highlights exactly what I said above:
Although that browser is not of my interest I have contributed to make it more secure, eliminating an insecure cipher suite created by the Chinese and not standard.
Threats vary. What is better for one situation may be worse for other. Average Joe care more about regular thief or mugger. Thieves usually don't have devices that can collect your fingerprints etc. Even worse with so much cameras around in public places entering PIN/passphrase/passcode is not safe from eavesdropping. Entering password to desktop computer in home is usually safe, but entering the same password in public place via touch screen is not.
It is harder to eavesdrop on fingerprints than on password using cameras.
@Sampei Nihira definitely check out about Lockdown Mode. Lockdown Mode disables biometric unlock. I believe biometric unlock is better in most situations, but sometimes you don't want to unlock phone until you are in secure place.
Screen lock settings= PIN
Biometric lock settings= Fingerprint
I leave these settings.
I still have a lot of testing to do with Private DNS.
I think that the block of ControlD is excessive in some web site
It's ok to leave that settings. There is another setting for activationg/deactivationg lockdown mode that does not collide with aforementioned settings. It supplements them. Do you have (temporary) lockdown mode setting activated? I mean do you have an option to lock smartphone on the same menu used to turn off/restart smartphone?
If I understand correctly, no.
No silly Android tweaks here. Just Kaspersky and a VPN service.
On my new replacement phone, I use BitDefender Free and a bare minimum of F-Droid apps. I uninstalled all preinstalled apps that I don't plan to use. I'm considering activating DoT with a privacy DNS like AdGuard to protect the entire device once I become more familiar with this version of Android. (I had problems with DoH on an older Android device, but I think that was due to carrier issues.)
Maybe fdroid has some jewels inside which are hard to find.
I use ZAPP for TV (direct download of apk), but nothing else. i kicked the fdroid app, pain to use.
Have you tried RethinkDNS?
If Adguard Premium is already installed there is no need for another DNS service. In fact i think this wont work together because both want to install a VPN service and android is only able to use one.
wish there is a non-vpn firewall.
blokada, adguard, firewall (no-root) VPN services (eg Windscribe) are all VPN provider - you can only use one. they can only act as those android-wide otherwise you need to add those as proxy, eg adguard premium offers this for a filtering cascade - proxy need to be inserted into apps which have the ability to use a proxy.
were asked anytime, eg
Separate names with a comma.