Introduction
This is the first part of the series of ‘Pro Tips For Android Security’. I won’t discuss all the tips in this post, but will talk about three ‘super-important’ tips.
Android is the most popular mobile operating system, but does it really have what it takes to be the perfect operating system to keep away malwares?
Google, as of now uses a system known as 'Clusterfuzz', that is capable of bringing out the vulnerabilities in the Android OS. Likewise, when an application is submitted to the Play Store, it uses 'Bouncer' system to analyse the application's code, to bring out the bugs.
Google has done their part in employing these automated systems, but manufacturers are still not serious about providing the much needed support for old models. These older devices don't even get the required security patches.
So, being an android user, it is better give top priority towards your device's security rather than just updating your OS and applications. In this post, I am going to discuss some of the ways by which you can improve the safety of your Android devices.
Stop Sideloading
“Sideloading” means leaving the safety of the Google Play Store to install apps from other sources, such as untrusted websites. Such sites serve up Android applications in the form of Application Package (APK) downloads, and installing one carries many of the same risks as running an unfamiliar EXE file in Windows. Bypassing the Play Store “Bouncer”, which checks for poor coding or malicious content, isn’t normally a good idea – although it can be safe if you’re sure of the source. Amazon, for example, requires you to sideload apps if you wish to use its Underground store.
Even then, trustworthy sources are known to have become infected, and without automated tools such as Bouncer to inspect the code, it’s possible for such infections to escape notice. Sideloading is only possible if you have permitted Android to install apps from unknown sources in your device’s security settings – the default configuration prevents the installation of apps from sources other than the Play Store. Check this is enabled to save you from accidental sideload syndrome.
Believe In Encryption
Unless you have a seriously underpowered handset, or a seriously old one, there really isn’t any excuse for not enabling encryption. If you have a modern device such as the Nexus 5X or 6P then full- disk encryption (FDE) will be enabled by default – and you can’t disable it.
Why would you want to? Encryption can impair the performance of older devices, making them slower to boot and save files, for example. If you think that your device booting 30 seconds or so quicker is more important than your files being safe from prying eyes should it get stolen or lost, then that’s the risk you take. If you’d rather not have strangers ploughing through your photos, text messages, address books and the like then go to Settings | Security | Encrypt phone. You could rely upon the Remote Wipe function to destroy all your data in case of loss, but would you really want to leave that window of eavesdropping opportunity open when you could keep it securely locked with FDE?
Take Extra Care Of The Permissions
Despite the popular perception, Android apps are really quite secure in terms of what data or device functionality they can access by default. All apps are housed in a virtual application sandbox to isolate their data and code execution from other apps. Without explicit additional permission, the only data an app can access is the data that comes with it. Unfortunately, apps will ask for a whole bunch of access permissions to be granted when you download them, and many users grant these without even thinking why a camera app should access your call log, for example.
Android 6 (Marshmallow) brings granular permissions control through Settings | Apps| <appname> | Permissions. Each permission category for that specific app can be toggled on or off from here, regardless of what was granted at the time of installation. Beware that app functionality may be impaired if you switch off permissions that are critical to its operation – although you’ll usually be prompted to switch the permission back on, if necessary.
Conclusion
I hope that you have enjoyed reading this post. Follow me (@freelancewriter) for more updates on this series. Also, don’t forget to check out my other posts as well here on my blog - @freelancewriter, as they may interest you.
Image Credits: Giphy
You got my vote with "Stop all the downloading"
Love the Fensler Films G.I. Joe parodies.
Solid information too. People need to secure digitally or suffer some bad consequences, unfortunately.
Source: http://www.magzter.com/article/Technology/PC-Pro/10-Ways-to-Harden-Android-Security
Not indicating that the content you copy/paste is not your original work could be seen as plagiarism.
Some tips to share content and add value:
Repeated plagiarized posts are considered spam. Spam is discouraged by the community, and may result in action from the cheetah bot.
Creative Commons: If you are posting content under a Creative Commons license, please attribute and link according to the specific license. If you are posting content under CC0 or Public Domain please consider noting that at the end of your post.
If you are actually the original author, please do reply to let us know!