Mobile Hardening Guide: Difference between revisions
= Mobile Device Hardening: Android || iOS =
Ensure the safety and security of your mobile devices with these critical guidelines and recommendations tailored for Android and iOS systems. Additional resources are available at the [https://github.com/irregularchat/public-resources/tree/main/Checklists DFP Checklists].
There is a larger [[dfp-guide|DFP Section]] that is broader than just mobile devices.
== NSA Mobile Device Best Practices ==
Download the [[:File:Nsa mobile device best practices.pdf|NSA Mobile Device Best Practices PDF]] for a comprehensive guide. Below are some essential highlights:
* '''Keep Applications Updated''': Ensure apps are always up-to-date to mitigate vulnerabilities and benefit from the latest security patches.
* '''Disable AdTech''': Remove your Advertising ID and disable personalized ads to reduce tracking.
* '''Use Screen Lock Protection''': Secure your device with passcodes, fingerprint, or facial recognition.
* '''Lock Individual Apps''': Set additional locks for sensitive apps such as those handling communication and finance.
* '''Power Cycle Your Device''': Regularly restart your phone to clear out malicious code that does not survive a reboot.
<pdf>File:Nsa mobile device best practices.pdf</pdf>
== Comprehensive Mobile Security Checklist ==
This checklist is designed to help you harden your mobile device security:
'''Digital Security''':
* ☑ Disable unused wireless radios.
* ☑ Use airplane mode when not needed.
* ☑ Avoid apps and settings that rely heavily on ad tracking.
'''Passwords & Authentication''':
* ☑ Use strong passwords or PINs for screen locks.
* ☑ Lock your SIM card and obtain the PUK from your carrier.
* ☑ Enable device encryption.
* ☑ Use biometrics wisely (prefer non-index fingers).
* ☑ Use a trusted password manager.
'''Activity & Maintenance''':
* ☑ Turn off always-on virtual assistants.
* ☑ Regularly update the OS and apps.
* ☑ Avoid public USB chargers; use data blockers.
* ☑ Download apps only from trusted sources.
* ☑ Use a VPN and enable password protection for vital apps.
* ☑ Maximize privacy settings in all apps.
== Mobile Applications for Enhancing Security and Privacy ==
Here are some recommended applications to strengthen your mobile device's security and privacy:
=== Side-Loading Apps: Risks and Benefits (Android) ===
Understand the pros and cons of side-loading apps (installing from non-official sources):
==== Benefits ====
* Access a broader range of apps.
* Use open-source apps for better privacy.
==== Risks ====
* Potential exposure to malware.
* May void your device's warranty.
=== F-Droid: A Secure Alternative ===
F-Droid is an open-source platform for Android apps that focuses on privacy and security.
==== Pros ====
* Non-tracking, privacy-first app store.
* Access to open-source apps.
==== Cons ====
* Limited selection compared to Google Play.
* Possible compatibility issues on some devices.
=== How to Install F-Droid ===
# Visit the [https://f-droid.org/en/ official F-Droid website].
# Download the F-Droid APK file.
# Enable installation from unknown sources on your Android device.
# Open the APK file to install F-Droid.
# Browse and install secure, open-source apps.
For those looking for a Google Play alternative, try the [https://f-droid.org/en/packages/com.aurora.store/ Aurora Store], an open-source frontend to Google Play with privacy in mind.
=== Recommended Mobile Apps for Security and Privacy (Android and iOS) ===
==== Password Management ====
* '''Bitwarden''': Available on [https://play.google.com/store/apps/details?id=com.x8bit.bitwarden Android] and [https://apps.apple.com/us/app/bitwarden-password-manager/id1137397744 iOS].
* '''KeePass''': Available on [https://play.google.com/store/apps/details?id=keepass2android.keepass2android Android], [https://strongboxsafe.com/ iOS], and [https://f-droid.org/en/packages/com.android.keepass/ F-Droid].
==== Two-Factor Authentication ====
* '''Aegis''': Available on [https://getaegis.app/ Android] and [https://f-droid.org/en/packages/com.beemdevelopment.aegis/ F-Droid].
* '''2FAS''': More details available on the [https://wiki.irregularchat.com/en/resources/guides/dfp-guide/quick#multi-factor-authentication-mfa official MFA guide].
==== Malware Protection ====
* '''Malwarebytes''': Available on [https://play.google.com/store/apps/details?id=org.malwarebytes.antimalware Android] and [https://apps.apple.com/us/app/malwarebytes-mobile-security/id1327105431 iOS].
==== Encryption and Data Protection ====
* '''OpenKeychain''': Manage PGP keys on [https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain Android].
* '''Cryptomator''': Encrypt files before cloud upload on [https://play.google.com/store/apps/details?id=org.cryptomator Android], [https://apps.apple.com/us/app/cryptomator/id953086535 iOS], and [https://f-droid.org/en/packages/org.cryptomator.lite/ F-Droid].
==== Secure Communication ====
* '''Element Messenger''': Available on [https://play.google.com/store/apps/details?id=im.vector.app Android] and [https://apps.apple.com/us/app/element-messenger/id1083446067 iOS], also on [https://f-droid.org/en/packages/im.vector.app/ F-Droid].
* '''ProtonMail''': Encrypted email service from Switzerland, available on [https://play.google.com/store/apps/details?id=ch.protonmail.android Android] and [https://apps.apple.com/us/app/protonmail-encrypted-email/id979659905 iOS].
==== Specialized Tools for Security ====
* '''TrackerControl''' (F-Droid): Monitor and control app data collection.
* '''Insular''': Isolate apps or run multiple accounts on [https://f-droid.org/en/packages/com.oasisfeng.island.fdroid/ F-Droid].
[[Category:Privacy]]
[[Category:Security]]
[[Category:Mobile Security]]
[[Category:DFP Guide]]
[[Category:Guides]]