1. Check out our companion app, Forums for Android! Download from Google Play

Is this strategy for security&privacy good enough?

Discussion in 'Android Lounge' started by jago25_98, Jul 22, 2012.

  1. jago25_98

    jago25_98 Well-Known Member
    Thread Starter

    Dec 15, 2010
    I'm starting to make purchases with my phone now and I think really I need to assess whether I could do more. This is what I do:

    1) Any dodgy app I download, if there's any doubt as to whether it might be a warez'ed copy, I run it through an online scanner first. I have forgotten to do it a few times though!!

    2) I don't install many apps I don't need and I uninstall the ones I've tried but didn't like.

    3) I use OperaMobile for purchases on the basis that this might be less of a target

    4) I don't run something like McAfee etc on the phone. All of the companies I've seen with those things I've had trouble with in the past. I'd trust something from the likes of eset or sophos but I haven't seen anything from them. Besides, I don't want to take this strategy. I'd prefer to do the scanning from a desktop. How can I do that? Is it possible to scan a nandroid backup on a desktop? edit: Bitdefender sent a guy a SMS at 3am and it has SMS read/send permissions so putting a line through that. Not impressed with commercial solutions in general. McAfee I experienced agressive selling on the desktop, Norton wormed it's way into a desktop hard to remove with Nagware etc. I'd trust something opensource but in general I'd prefer not to have another process running eating memory... unless that's really needed to protect against XSS for example... it seems like these companies are over-hyping it.

    5) I use LBE PrivacyGuard for permissions. It seems pretty basic though and I'd prefer the one that works a little bit lower level via a full ROM patch... but I'm waiting on ICS333 ROM for i9000 to come out with the 4.1 JB before I go into the hassle of that kind of thing. Is LBE giving me a false sense of security?

    6) I'm using TitaniumBackup to freeze apps that I found coming out of the background, wasting battery or transmitting without my permission. These include, but not limited to:
    skype, fring, newsrob,talk,youtube,GoogleDrive,EggDrop
    I've uninstalled Facebook after their little transgression. I use the mobile site now.

    7) Do I trust OperaMini too much. I know it all goes through their servers in the USA. I trust the company but not the country they're hosted in.
    I've ended up giving the keys to the kingdom to SecureSettings and Tasker too... not ideal... what do you think?

    Finally, I'm not too happy with what the Google processes are doing. I find them transmitting in the background. Not sure what they're doing and I don't like the lack of control. I like to know what's going on. I'd like to know how much not having GApps would help against that because perhaps I can live without them if I can find a way to install apps without Google Play. I also wonder, would CM9 be any better than 333ICS ROM for control or would I need to go as far as the Replicant ROM, where the only area out of control is the modem binary blob.

    As you can see there's a lot to it. I hope it's been useful and if you've got any comments please let me know. I like to know what my phone is doing and in general I've found it A LOT harder to do that than linux.



  2. !on

    !on Well-Known Member

    Aug 14, 2011
    It's widely recognised that stock browser is very secure (https), it's always handled 'visa verification' page, though I've had no probs with opera mobile either (https). But then I think it's also up to the website provider to be secure enough in the first place.

    I wouldn't put money on an online account, period. iTunes got hacked, paypal got hacked.... but if you use your card for one off purchases & something goes wrong, card company will sort it. It doesn't take long to enter card details, some sites will remember it, you need to enter security number & you can change passwords whenever.

    App permissions, well, look at what an app needs to do in your phone & decide if it's reasonable to use those permissions for what it does.

    You can freeze things, personally the biggest thing I don't trust is farcebook, but then I keep them well away from me (even blocked email requests / opted out).

    The only virus scan I'll do is on the computer when the thing is plugged in to USB (the SD card), but only rarely. There was more chance of getting something nasty in .sis (nokia - symbian) spreading over bluetooth, even then you had to accept the incoming file. Not heard of any android specific threats but have heard of peoples wifi being hacked (those with lack of security).
  3. dwomack

    dwomack Member

    Jul 3, 2012
    Online Community Specialist at ESET North America
    San Diego, CA
    ESET does provide protection for Android with ESET Mobile Security. You can also scan the phone with your desktop antivirus IF that product will scan remote media devices.

Share This Page