What is your Mobile security setup these days?

Discussion in 'mobile device security' started by guest, Nov 15, 2016.

  1. jaypeecee

    jaypeecee Registered Member

    Joined:
    Aug 21, 2007
    Posts:
    155
    Location:
    UK
    Hi Rasheed,

    I have been using ProtonVPN on both Android and Windows 10 for about a year. I started out with the free versions and then decided to upgrade. I like this VPN a lot.

    JPC
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,855
    Location:
    The Netherlands
    Thanks will check it out. This is something that Android should make clear.

    To clarify, if you login to stuff like Facebook and Instagram, can a hacker sniff passwords via WIFI even if those apps use HTTPS?

    Thanks for the tip. I don't really use WIFI a lot, so protection for 10 GB is enough. I do not use any VPN for my desktop and laptop since I only use them at home.
     
  3. 142395

    142395 Guest

    Assuming FB/IG uses HSTS (w/ preloaded list), no they can't unless you use old browser which has vuln or they somehow know 0-day exploit of TLS. But I think there're still small risk tho, as phishing is easier in mobile where TLS icon and url bar is less recognizable, and the owner of malicious AP can spoof DNS.

    [EDIT:] I've found a real example of the attack I concerned.
     
    Last edited by a moderator: Oct 20, 2018
  4. jaypeecee

    jaypeecee Registered Member

    Joined:
    Aug 21, 2007
    Posts:
    155
    Location:
    UK
    The use of a VPN should not be limited to mobile devices. A VPN installed on desktops and laptops will hide your true IP address with all the advantages that that brings. I suggest you do a bit of digging around here on Wilders and the web to find out more.
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,855
    Location:
    The Netherlands
    To clarify, I'm talking about the Facebook and Instagram apps. From what I understood, on a free WIFI network, people might be able to intercept login data. So that's why I became interested in using a VPN.

    To clarify, I don't really care about hiding my browsing activities from my ISP. So on my cable and 4G network, no VPN is needed. I'm also not willing to sacrifice speed, although hiding my true IP from websites would be a nice bonus. It makes you a bit harder to track.
     
  6. 142395

    142395 Guest

    Assuming (1) FB/IG do everything right (2) You only care FB/IG logon, meaning you either confirmed all other (background) connection are properly secured or don't include sensitive info, or just ignore them, then you'll be safe. But if I were you, I'd care both. People tend to believe such big names must do things properly, but then how IG stored user pwds in non-salted MD5 (terrible practice next to plaintext) which caused massive damage?
    But to be fair, if they use https adversary needs active attack (if contrast to http) so the risk is lower even w/out HSTS.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,855
    Location:
    The Netherlands
    Yes, it's probably best to use a VPN, I wouldn't rely on app security. To clarify, I don't use any browser on my smartphone, I only use apps for websites and services that I really need. Mobile browsing is a pain to me.
     
  8. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,670
    Eset Premium
    AdGuard / Firewall enabled
    LastPass
    IVPN
     
    Last edited: Dec 1, 2018
  9. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    791
    Bitdefender Mobile Security & Antivirus (Beta)
    Ivacy VPN
     
  10. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,126
    Avast Ultimate
     
  11. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,648
    Location:
    Among the gum trees
    My new (Samsung) phone has prompted me to turn on "Security - powered by McAfee". Would that be a trial or do they have a free version?

    I already have Norton as it is included with my subscription + Blackfog Privacy.

    No, I am not considering enabling "Security" as well, just curious.

    Thanks.
     
  12. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,016
    Location:
    Italy
    Huawei P 30 Lite
    Android 10
    Software updates - Automatic
    Account security - Protected by 2-Step Verification
    Screen Lock - Protected by 6-digit PIN
    Biometric Unlock -Fingerprint(s) and Facial recognition
    Notifications - Hide sensitive information when locked
    Google Play Protect - Activated
    SIM card lock - Activated

    Private DNS:

    • With Opera it is redundant or even deleterious because some web sites become unreachable or not working, if I could choose AdGuard DNS
    Real-time protection:
    • Huawei Avast AV built-in
    Email client:
    • BlueMail for my OAuth2 accounts
    • K-9 Mail
    • Aruba PEC
    Opera:
    • Search Engine DuckDuckGo
    • Data saving - on
    • Cookie on - Except third parties
    • Pop-up blocker - on
    • Close tabs + clear History and Data on exit
    • Content filtering:- Opera build-in adblocking and anti-tracking
    • Opera's anti-Phishing and Malware functionality is working:
    phishing.jpg 100.jpg

    P.S.

    It is interesting to note that Opera's anti-phishing reporting is managed by external suppliers.
    In the 2 images from AMTSO and PhishThanks

     
    Last edited: Dec 5, 2020
  13. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,678
    that explain a lot of issues on such devices. *
    or TypeApp, same vendor, same software, same bugs ;)
    is part of Adguard Premium, its worth any dime.

    the problem for any antivirus is that google has set more restrictions this or last year concerning access to some phone services - vendors who wanted to be kept in store had to accept this but lost functionality. pity. due the connection to virustotal any vendor is using nearly the same database, boil the same water. my chosen solution is sophos intercept x.

    * that's really bad that major phone manufacturer deliver bloated phone, in special now the chines groups. and you are not able to disable nor uninstall most of it. like any system this spread the attacking base of devices.
     
  14. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,016
    Location:
    Italy
    Avast AV works perfectly on my device.
    Disabling system apps is also very simple, for example it is more difficult in Xiaomi devices.

    In fact, among many system apps I have disabled Chrome.

    P.S. You will notice that for BlueMail I have entered a specification.;):)
     
  15. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,678
    I did, because K9 is very outdated, it's simple, but that's all. Some people changed to FairMail which is much newer and under development, but at least it needs a registration fee for some features I use for free in TypeApp (well, BlueMail = 100% TypeApp in its free features).
    I don't have doubt, but anytime I enter the store for searching new apps i also read comments with issues on full featured (like Huawei) phones without any clue on developer side where other users with other hardware don't have issues. And in most cases those newer bloated phones are causing issues, not the older ones. Android 9 is not fully supported from all devs, Android X even lesser. Google Pixel series as one of the less or none bloated devices, or one with Android One.
     
  16. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,016
    Location:
    Italy
    https://github.com/k9mail/k-9/releases/tag/5.725


    K9 has many advantages over other email clients.
    For example, it allows you to configure an email account without the need to have an output server different from other accounts.


    ;)
     
    Last edited: Dec 5, 2020
  17. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,678
    Thank you, I never got there, official app status in store is 5.600 and from 2018. What I still miss when reading the changes is a tiny mail/spam filter like TypeApp/BlueMail has. And it should be able to notify for updates because that builds are not in store.
     
  18. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,016
    Location:
    Italy
    We in Italy have a proverb.
    "You can't have everything from life".

    Now my wife's pizza....... is waiting for me.:)
    Even today my region, with the Anti-Covid law, is still in the red belt.
    Many jobs have been closed for 3 weeks.
    And then with the curfew at 22:00 and the impossibility to leave the municipality of residence, travel becomes almost impossible.

    Good evening to all of you.
    :thumb:;)
     
  19. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,678
    Installed, try to create POP3 account, not possible, deleted. Sorry. The "manual" button when creating an account is not available (greyed out) and i consider this as a critical bug as it worked in 5.600.
     
  20. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,016
    Location:
    Italy
    See in the issues,POP3 support is deprecated, if I am not mistaken.
    However, open a new issue.
    But to the developer, not to this poor fisherman.
    ;):)
     
  21. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,310
    Location:
    Under a bushel ...
    I read this rather negative post re Android One recently:
    https://www.androidcentral.com/nokias-failure-final-nail-coffin-android-one

    Hmm ... Android One is one of the first things I look for, because I can't stand bloatware on any Android phone!
    I really hope the project doesn't die, or is at least replaced with something equivalent.
    I just bought a 'mid range' Nokia 5.3 (5.4 out shortly) and am more than happy with it ... after jumping in the pool with with my ageing (but still fine, Android One) Xiaomi Mi A1 :D.
    It is still Android 10 though - not 11, but with most recent security updates.

    Else Google Pixel 4a may be an option now ...
     
  22. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,670
    Eset
    IVPN
    1 Password

    Vivaldi browser for ad's & trackers
     
  23. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    264
    What do you people think about the SS7 attack, it's old;ish but still unsolved, correct ? The hacker only have to know you phone number to attack you.
     
  24. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,310
    Location:
    Under a bushel ...
    Sophos Intercept X for Mobile (free).
    AdGuard for Android (lifetime).
     
  25. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,118
    Location:
    Slovenia
    Yes, SS7 will probably never be secured. For communication you can try going with end-to-end encryption app like Signal.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.