1. Are you ready for the Galaxy S20? Here is everything we know so far!

How mobile devices can be secured?

Discussion in 'Android Lounge' started by MichaelJohnny, Jan 1, 2020.

  1. MichaelJohnny

    MichaelJohnny Newbie
    Thread Starter

    I dont trust antivirus because there are a lot of rumors about them.
     

    Advertisement

  2. Best Answer:
    Post #2 by Hadron, Jan 1, 2020 (2 points)
  3. Hadron

    Hadron Smoke me a kipper...
    VIP Member

    I don't use an "anti-virus" (sic) app myself, because there is no need for them if you are sensible.

    There are two main steps to android security:

    1) Secure any account you put on the phone, but especially your primary Google account. Use a strong password (length is important, do not re-use passwords between different accounts, do not re-use old passwords), enable two-factor authentication, go through your history and de-authorise any device you don't recognise or aren't planning to use with the account. And be suspicious of any unexpected requests to enter the password (on computers as well as phones - it's the account we are trying to secure here, not the device). Anyone who gets access to your account and knows what they are doing has a back door into the phone, so this is important.

    2) Be careful what you install and where you install from. Android malware does not consist of viruses (self-propagating malware) but trojans (malware hidden inside apps that the user installs). Only install apps from trusted sources: curated repositories like the Play Store or F-Droid, or if you are sure of the app's legitimacy the developer's own site. There are a couple of apk download sites that are pretty safe (e.g. apkmirror), but avoid random sites that offer apk downloads or sites that allow anyone to upload stuff (I wouldn't touch aptoide with a 20 foot pole myself), and don't even visit sites that offer "cracked" apps (paid apps for free), since those are major sources of malware. Then apply a little thought before installing: check what permissions the app wants (e.g. if a flashlight wants access to your storage it's either written by an idiot who doesn't understand what permissions it needs or it's up to no good - either way you don't want it). Don't install anything that wants the permission to install other apps unless you really know that it needs it to do its job (so e.g. F-Droid does need that, that knock-off of Flappy Bird definitely does not). Malware does slip into even curated app stores (including Apple's, though they like you to think otherwise), so a bit of common sense with what you install is useful even from a "safe" source.

    But honestly, with those 2 rules you don't need to worry much. As I say, I don't use one of those apps myself.

    The third step, while not strictly about securing the phone, is equally important: anything of importance on the phone should be backed-up regularly (I prefer not to rely on cloud backups but to have my own copies - which in many cases are in addition to a cloud backup). This not only means you are OK if you have to wipe the phone for any reason, but also means that if the phone is stolen, lost or destroyed you still have the important data (contacts, photos, whatever). Keeping a copy on the phone (e.g. the SD card) doesn't count, since if you lose the phone you lose that as well (and microSD cards can fail suddenly and without warning as well).
     
    Davdi, knoober, MrJavi and 2 others like this.
  4. ocnbrze

    ocnbrze DON'T PANIC!!!!!!!!!

    yep i used to have lookout, but realized that i do not really needed it. i just use common sense and before i download any app, i check the permissions. i'm careful on my android devices on what website i go to. been like this for years now. i have never gotten any malware or adware on any of my devices. my mom, now that is another story.....lol
     
    MrJavi and MoodyBlues like this.
  5. MoodyBlues

    MoodyBlues Compassion is cool!
    VIP Member

    You're a windows person, right? ;)

    I'm not--I only use Linux--so I was already not in the anti-virus mindset when Android (a Linux) came along. @Hadron has said everything I would, and then some [and better, too!]. Like him, I don't use any anti-virus on my Android devices, just caution/common sense.

    You need to shake yourself free of the windows mindset, where things like 'disk cleaners' and anti-virus protection are the norms. Drop those like a hot potato! They're unnecessary in the Linux universe.

    Follow Hadron's advice, plus don't visit sketchy websites [like porn sites that end up bombarding you with bullshit pop-ups], and you'll be fine. :)
     
  6. noisygirlkk

    noisygirlkk Lurker

    Nicely explained by Hadron.
     
    MrJavi and ocnbrze like this.
  7. MichaelJohnny

    MichaelJohnny Newbie
    Thread Starter

    But you usually visit websites which contains malwares how to deal with them?
     
  8. MichaelJohnny

    MichaelJohnny Newbie
    Thread Starter

  9. MichaelJohnny

    MichaelJohnny Newbie
    Thread Starter

    Thanks for the detailed guide. It really helped me
     
  10. noisygirlkk

    noisygirlkk Lurker

    Very well said indeed.
     
    MrJavi likes this.
  11. noisygirlkk

    noisygirlkk Lurker

    No i don't think so as VPNs don't offer protection for these like viruses, malwares and spywares...
     
  12. mikedt

    mikedt 你好

    No. Not unless that VPN includes any sort of filtering against malware APK downloads. Which they do not AFAIK. A VPN's main purpose is to keep your data encrypted from your ISP., govt. etc. Also when using open WiFi, and to bypass any firewalls and censoring, etc, which is what I use a VPN for in China.
     
    #11 mikedt, Jan 2, 2020
    Last edited: Jan 2, 2020
    MrJavi, MichaelJohnny and Hadron like this.
  13. Hadron

    Hadron Smoke me a kipper...
    VIP Member

    Non-root ad-blockers for Android are VPNs with filtering to block ads. They may help a bit against malware downloads through malicious ads, but having tested most of the well-known ones none is perfect at blocking ads so I wouldn't assume they make you safe.

    Of course download isn't the same as install. On older android versions there is a setting to allow installation from "unknown sources" (i.e. other than the Play Store): if you want greater protection, only enable that when you need it and turn it off again afterwards. On newer versions that doesn't exist, but instead you can choose which apps (of those offering it) you allow to install other apps; I've no evidence behind this, but to me it seemed obvious that I should not allow a Web browser to install anything, so that a script cannot trick the browser into both downloading and installing an app when I'm browsing (I allow F-droid and one of my file browsers to do this, nothing else). You could of course enable and disable this access as needed as well (it's in Settings, Apps, Special App Access, Install Unknown Apps).

    But the best solution is to avoid sites which host such ads. Of course with ads being outsourced a site may find this happening inadvertently, but if you have experience of it I'd not go back, and I'm sure we can all think of the sorts of sites likely to host many dodgy ads.
     
    MrJavi, ocnbrze and mikedt like this.
  14. MichaelJohnny

    MichaelJohnny Newbie
    Thread Starter

    Thanks for the response guyz
     
    ocnbrze likes this.
  15. knoober

    knoober Android Enthusiast

    No one has mentioned a firewall yet ( I think I picked up the tip from https://androidforums.com/threads/p...izers-and-the-like.896663/page-7#post-6905248). Ive busted any number of apps phoning home all day long. Before the stock alarm clock made it easy to set a song as an alarm I had bought an alarm clock app just for this purpose. Kicked it to the curb when the firewall caught it phoning home several times a day. A popular AR game was dialing home every time I: made a call, opened/closed a browser, checked my email and any number of other normal activities. ( I dont want to trash talk and say these apps were up to anything malicious, but I still think this behavior is in poor taste by the developers)

    Smart browsing and common sense are important, but even then the apps/utilities that should be trustworthy might still be data mining, and a firewall can help with that.
     
    ocnbrze likes this.
  16. Davdi

    Davdi Android Expert

    I'm with @knoober for firewalls. I've not had many problems with apps phoning home, but just because I'm paranoid....
     
    ocnbrze likes this.
  17. MichaelJohnny

    MichaelJohnny Newbie
    Thread Starter

    Yes but router have firewall installed in it? right?
     
  18. knoober

    knoober Android Enthusiast

    The firewall on your router (some have them and some dont btw) will control all the traffic on your network. Packets from your phone, desktop, laptop... anything that goes through the router. A firewall on your phone/android device will control traffic from the phone/android device so you can restrict app 'A' and allow app 'B' full network access. Your router firewall also only works while connected to your home network, but a firewall on your phone will work whether you are using cell data, wifi , no matter the location.

    Another distinction I have noticed is that an android firewall will let you choose to allow/block and app of your choice, but a router firewall wants to know what ports to open or close, meaning that an android firewall is simpler to manage. There is alot to know about firewalls though, so please excuse me if I missed an important point somewhere.
     
    ocnbrze and MichaelJohnny like this.
  19. MichaelJohnny

    MichaelJohnny Newbie
    Thread Starter

    Thanks for detailed explanation
     
    ocnbrze likes this.
Loading...
Similar Threads - mobile devices secured
  1. Donny Tarter
    Replies:
    0
    Views:
    59
  2. corvairbob
    Replies:
    2
    Views:
    89
  3. kate
    Replies:
    0
    Views:
    380
  4. Compumac
    Replies:
    0
    Views:
    192
  5. IamShreya
    Replies:
    2
    Views:
    277
  6. bridex
    Replies:
    2
    Views:
    270
  7. Dragonight
    Replies:
    3
    Views:
    484
  8. Meera Shah
    Replies:
    0
    Views:
    710
  9. James_Watson
    Replies:
    9
    Views:
    576
  10. Gregory Skrebnev
    Replies:
    0
    Views:
    9,074

Share This Page

Loading...