Mobile Devices

Smart phones have revolutionized so many aspects of life and brought the world to our fingertips. For many of us, smart phones are our primary means of communication, entertainment and access to knowledge. But while they've brought convenience to whole new level, there's some ugly things going on behind the screen. Geo-tracking is used to trace our every move, and we have little control over who has this data- your phone is even able to track your location without GPS. Over the years numerous reports that surfaced, outlining ways in which your phone's mic can eavesdrop, and the camera can watch you- all without your knowledge or consent. And then there's the malicious apps, lack of security patches and potential/ likely backdoors. Using a smart phone generates a lot of data about you- from information you intentionally share, to data silently generated from your actions. It can be scary to see what Google, Microsoft, Apple and Facebook know about us- sometimes they know more than our closest family. It's hard to comprehend what your data will reveal, especially in conjunction with other data. This data is used for far more than just advertising - more often it's used to rate people for finance, insurance and employment. Targeted ads can even be used for fine-grained surveillance (see ADINT) More of us are concerned about how governments use collect and use our smart phone data, and rightly so, federal agencies often request our data from Google, Facebook, Apple, Microsoft, Amazon, and other tech companies. Sometimes requests are made in bulk, returning detailed information on everybody within a certain geo-fence, often for innocent people. And this doesn't include all of the internet traffic that intelligence agencies around the world have unhindered access to.

0 out of 23 (0%) complete, 0 ignored

Done?AdviceLevelDetails
Essential

In order to keep your data safe from physical access, use file encryption. This will mean if your device is lost or stolen, no one will have access to your data.

Essential

When you're not using WiFi, Bluetooth, NFC etc, turn those features off. There are several common threats that utilise these features.

Essential

Uninstall apps that you don’t need or use regularly. As apps often run in the background, slowing your device down, but also collecting data.

Essential

Don’t grant apps permissions that they don’t need. For Android, Bouncer is an app that allows you to grant temporary/ 1-off permissions.

Essential

Applications on Apple App Store and Google Play Store are scanned and cryptographically signed, making them less likely to be malicious.

Optional

Juice Jacking is when hackers use public charging stations to install malware on your smartphone or tablet through a compromised USB port.

Essential

SIM hijacking is when a hacker is able to get your mobile number transferred to their sim. The easiest way to protect against this is to set up a PIN through your mobile provider.

Optional

To keep your details private, you can unlist your number from caller ID apps like TrueCaller, CallApp, SyncMe, and Hiya.

Optional

Consider using an offline maps app, such as OsmAnd or Organic Maps, to reduce data leaks from map apps.

Optional

You can slightly reduce the amount of data collected by opting-out of seeing personalized ads.

Optional

To protect against an attacker brute forcing your pin, set your device to erase after too many failed login attempts.

Optional

εxodus is a great service which lets you search for any app and see which trackers are embedded in it.

Optional

To prevent applications from leaking privacy-sensitive data, you can install a firewall app.

Optional

For Android, SuperFreeze makes it possible to entirely freeze all background activities on a per-app basis.

Optional

Prevent permission-hungry apps from accessing your private data with Island, a sandbox environment.

Advanced

Orbot provides a system-wide Tor connection, which will help protect you from surveillance and public WiFi threats.

Optional

It is recommended to stick with your device's stock keyboard. If you choose to use a third-party keyboard app, ensure it is reputable.

Optional

Restarting your phone at least once a week will clear the app state cached in memory and may run more smoothly after a restart.

Optional

SMS should not be used to receive 2FA codes or for communication, instead use an encrypted messaging app, such as Signal.

Optional

MySudo allows you to create and use virtual phone numbers for different people or groups. This is great for compartmentalisation.

Optional

Stalkerware is malware that is installed directly onto your device by someone you know. The best way to get rid of it is through a factory reset.

Optional

Where possible, consider using a secure browser to access sites, rather than installing dedicated applications.

Advanced

If you're concerned about your device manufacturer collecting too much personal information, consider a privacy-focused custom ROM.

Useful Links

Recommended Software