[Flyme][CFT] Android Security Tips



2018-06-25 23:30

Show all posts
Edited by subhashvarma at 2018-07-26 19:27

20180528 - subhash - banner.png

[CFT] Android Security Tips

Installing 3rd Party Apps
Google Play store has got millions of apps to choose from. and is indeed the most secure source to download apps onto your device, but once a while you might have a necessity to sideload apps from 3rd party sites (When the device isn’t Google Certified, Installing Ported apps & those with Play store compatibility issues) and this is when hackers gets a chance to steal your sensitive data, always download APK’s from trusted sources like Google Play or secure 3rd party sites like APKMirror etc.
If you’re not sure regarding the safety of any file you can Upload it to Online Virus scanners like Virus Total to check the authenticity of the file.
Installing apps from untrusted sources makes you device vulnerable to malware which helps hackers perform remote attacks and Data theft.

App Permissions
Apps run in a secure environment called (Virtual sandbox) and unless you grant them the permissions they need to perform an action or to access data, the only data it gets access to is the data that’s inside the app, to make it easy to understand, let us say you have UBER installed on your device it needs to have the permission to access your GPS location and that is how it books you a cab, Now if you turn off or Deny the app to access the GPS location the app stops working, that by saying all apps on your device need several permissions to work properly, but these days apps developers just expect you to provide lot many unnecessary permissions to snoop your data, for example a calculator app doesn’t need to have a permission to access your camera. Likewise, the weather app asking for camera permission is something to suspect.
Android has inbuilt Per-App permissions manager where users can toggle ON/OFF several permissions for different apps.

A virtual private network (VPN) is an encrypted network that is built over a public infrastructure. VPN helps users to securely access the network from random locations across the globe, Your OS has firewall in place to protect your data that’s stored in the local memory, and the same way VPN protects your data that gets transmitted over the internet.
There are several security protocols that’sVPN’S use in order to tunnel the data and the most common being
Layer 2 Tunnelling Protocol(L2TP)/IPsec
Point-to-Point TunnellingProtocol (PPTP)
Secure Shell (SSH)
IP security (IPSec)
Secure Sockets Layer (SSL) and Transport Layer Security(TLS)
Thought this might seem complex,Installing and using a VPN is pretty simple, all you need to do is to just download a VPN app from the play store (read the descr iption and reviews) once its installed on your device open it, select the region you wanted your connection to be tunneled and enter start. Hooray! Your connected is now encrypted and secure.
Most VPN apps are free for a limited time or till the time you reach the free bandwidth cap, where after you need to have a subscr iption plan to remove the data cap, adverts & extra security features.

Encryption is a process of encrypting the data with an encryption key so that you can keep your data safe from prying eyes, when you enable the encryption in your device the data that’s on your device can only be accessed by the admin i.e. you, so every time you need to access a file, it asks you to enter the password (Decryption key) that you’ve set when During on encryption, this password can be anything like Pin, Pattern etc.
Note: Encryption takes hours to complete (Depending on the size of data you’ve wanted to encrypt)
It is a resource intense task so be careful before you do it
Encryption settings can be accessed from Settings->Security

Careful using an unknown network
Using an unknown Wi-Fi Network or a public network makes it easy for hackers to snoop your data or to even transfer malicious code to your device with ease, before you connect to any network make sure its trusted, but in case it isn’t, you need to at least use a VPN or an antivirus to prevent the above stated security issues.
flyme tag.jpg