Mobile Hardening Guide: Difference between revisions
No edit summary Tag: 2017 source edit |
added links Tag: Manual revert |
||
| (12 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
= Mobile Device Hardening: Android || iOS = | = Mobile Device Hardening: Android || iOS = | ||
Ensure the safety and security of your mobile devices with these critical guidelines and recommendations tailored for Android and iOS systems. Additional resources are available at the [https://github.com/irregularchat/public-resources/tree/main/Checklists DFP Checklists]. | |||
There is a larger [[dfp-guide|DFP Section]] that is broader than just mobile devices | |||
== NSA Mobile Device Best Practices == | == NSA Mobile Device Best Practices == | ||
Download the [[ | Download the [[:File:Nsa mobile device best practices.pdf|NSA Mobile Device Best Practices PDF]] for a comprehensive guide. Below are some essential highlights: | ||
* '''Keep Applications Updated''': Ensure apps are always up-to-date to mitigate vulnerabilities and benefit from the latest security patches. | |||
* '''Disable AdTech''': Remove your Advertising ID and disable personalized ads to reduce tracking. | |||
* '''Use Screen Lock Protection''': Secure your device with passcodes, fingerprint, or facial recognition. | |||
* '''Lock Individual Apps''': Set additional locks for sensitive apps such as those handling communication and finance. | |||
* '''Power Cycle Your Device''': Regularly restart your phone to clear out potential vulnerabilities. | |||
<pdf>File:Nsa mobile device best practices.pdf</pdf> | |||
== Comprehensive Mobile Security Checklist == | == Comprehensive Mobile Security Checklist == | ||
| Line 19: | Line 21: | ||
This checklist is designed to help you harden your mobile device security: | This checklist is designed to help you harden your mobile device security: | ||
'''Digital Security''': | |||
☑ Disable unused wireless radios. | * ☑ Disable unused wireless radios. | ||
☑ Use airplane mode when not needed. | * ☑ Use airplane mode when not needed. | ||
☑ Avoid apps and settings that rely heavily on ad tracking. | * ☑ Avoid apps and settings that rely heavily on ad tracking. | ||
'''Passwords & Authentication''': | |||
☑ Use strong passwords or pins for screen locks. | * ☑ Use strong passwords or pins for screen locks. | ||
☑ Lock your SIM card and obtain the PUK from your carrier. | * ☑ Lock your SIM card and obtain the PUK from your carrier. | ||
☑ Enable device encryption. | * ☑ Enable device encryption. | ||
☑ Use biometrics wisely (prefer non-index fingers). | * ☑ Use biometrics wisely (prefer non-index fingers). | ||
☑ Use a trusted password manager. | * ☑ Use a trusted password manager. | ||
'''Activity & Maintenance''': | |||
☑ Turn off always-on virtual assistants. | * ☑ Turn off always-on virtual assistants. | ||
☑ Regularly update the OS and apps. | * ☑ Regularly update the OS and apps. | ||
☑ Avoid public USB chargers; use data blockers. | * ☑ Avoid public USB chargers; use data blockers. | ||
☑ Download apps only from trusted sources. | * ☑ Download apps only from trusted sources. | ||
☑ Use a VPN and enable password protection for vital apps. | * ☑ Use a VPN and enable password protection for vital apps. | ||
☑ Maximize privacy settings in all apps. | * ☑ Maximize privacy settings in all apps. | ||
== Mobile Applications for Enhancing Security and Privacy == | == Mobile Applications for Enhancing Security and Privacy == | ||
| Line 43: | Line 45: | ||
Here are some recommended applications to strengthen your mobile device's security and privacy: | Here are some recommended applications to strengthen your mobile device's security and privacy: | ||
=== | === Side-Loading Apps: Risks and Benefits (Android) === | ||
Understand the pros and cons of side-loading apps (installing from non-official sources): | |||
= | ==== Benefits ==== | ||
* Access a broader range of apps. | |||
* Use open-source apps for better privacy. | |||
= | ==== Risks ==== | ||
* Potential exposure to malware. | |||
* May void your device's warranty. | |||
= | === F-Droid: A Secure Alternative === | ||
F-Droid is an open-source platform for Android apps that focuses on privacy and security. | |||
= | ==== Pros ==== | ||
* Non-tracking, privacy-first app store. | |||
* Access to open-source apps. | |||
=== | ==== Cons ==== | ||
* Limited selection compared to Google Play. | |||
* Possible compatibility issues on some devices. | |||
=== How to Install F-Droid === | |||
# Visit the [https://f-droid.org/en/ official F-Droid website]. | |||
# Download the F-Droid APK file. | |||
# Enable installation from unknown sources on your Android device. | |||
# Open the APK file to install F-Droid. | |||
# Browse and install secure, open-source apps. | |||
For those looking for a Google Play alternative, try the [https://f-droid.org/en/packages/com.aurora.store/ Aurora Store], an open-source frontend to Google Play with privacy in mind. | |||
=== Recommended Mobile Apps for Security and Privacy (Android and iOS) === | |||
==== Password Management ==== | ==== Password Management ==== | ||
* '''Bitwarden''': Available on [https://play.google.com/store/apps/details?id=com.x8bit.bitwarden Android] and [https://apps.apple.com/us/app/bitwarden-password-manager/id1137397744 iOS]. | |||
* '''KeePass''': Available on [https://play.google.com/store/apps/details?id=keepass2android.keepass2android Android], [https://strongboxsafe.com/ iOS], and [https://f-droid.org/en/packages/com.android.keepass/ F-Droid]. | |||
==== Two-Factor Authentication ==== | ==== Two-Factor Authentication ==== | ||
* '''Aegis''': Available on [https://getaegis.app/ Android] and [https://f-droid.org/en/packages/com.beemdevelopment.aegis/ F-Droid]. | |||
* '''2FAS''': More details available on the [https://wiki.irregularchat.com/en/resources/guides/dfp-guide/quick#multi-factor-authentication-mfa official MFA guide]. | |||
==== Malware Protection ==== | ==== Malware Protection ==== | ||
* '''Malwarebytes''': Available on [https://play.google.com/store/apps/details?id=org.malwarebytes.antimalware Android] and [https://apps.apple.com/us/app/malwarebytes-mobile-security/id1327105431 iOS]. | |||
==== Encryption and Data Protection ==== | ==== Encryption and Data Protection ==== | ||
* '''OpenKeychain''': Manage PGP keys on [https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain Android]. | |||
* '''Cryptomator''': Encrypt files before cloud upload on [https://play.google.com/store/apps/details?id=org.cryptomator Android], [https://apps.apple.com/us/app/cryptomator/id953086535 iOS], and [https://f-droid.org/en/packages/org.cryptomator.lite/ F-Droid]. | |||
==== Secure Communication ==== | ==== Secure Communication ==== | ||
* '''Element Messenger''': Available on [https://play.google.com/store/apps/details?id=im.vector.app Android] and [https://apps.apple.com/us/app/element-messenger/id1083446067 iOS], also on [https://f-droid.org/en/packages/im.vector.app/ F-Droid]. | |||
* '''ProtonMail''': Encrypted email service from Switzerland, available on [https://play.google.com/store/apps/details?id=ch.protonmail.android Android] and [https://apps.apple.com/us/app/protonmail-encrypted-email/id979659905 iOS]. | |||
==== Specialized Tools for Security ==== | ==== Specialized Tools for Security ==== | ||
* '''TrackerControl''' (F-Droid): Monitor and control app data collection. | |||
* '''Insular''': Isolate apps or run multiple accounts on [https://f-droid.org/en/packages/com.oasisfeng.island.fdroid/ F-Droid]. | |||
[[Category:Privacy]] | [[Category:Privacy]] | ||
[[Category:Security]] | [[Category:Security]] | ||
[[Category:Mobile Security]] | [[Category:Mobile Security]] | ||
[[Category:DFP Guide]] | [[Category:DFP Guide]] | ||
[[Category:Guides]] | [[Category:Guides]] | ||
Latest revision as of 23:19, 17 October 2024
Mobile Device Hardening: Android || iOS
Ensure the safety and security of your mobile devices with these critical guidelines and recommendations tailored for Android and iOS systems. Additional resources are available at the DFP Checklists.
There is a larger DFP Section that is broader than just mobile devices
NSA Mobile Device Best Practices
Download the NSA Mobile Device Best Practices PDF for a comprehensive guide. Below are some essential highlights:
- Keep Applications Updated: Ensure apps are always up-to-date to mitigate vulnerabilities and benefit from the latest security patches.
- Disable AdTech: Remove your Advertising ID and disable personalized ads to reduce tracking.
- Use Screen Lock Protection: Secure your device with passcodes, fingerprint, or facial recognition.
- Lock Individual Apps: Set additional locks for sensitive apps such as those handling communication and finance.
- Power Cycle Your Device: Regularly restart your phone to clear out potential vulnerabilities.
Comprehensive Mobile Security Checklist
This checklist is designed to help you harden your mobile device security:
Digital Security:
- ☑ Disable unused wireless radios.
- ☑ Use airplane mode when not needed.
- ☑ Avoid apps and settings that rely heavily on ad tracking.
Passwords & Authentication:
- ☑ Use strong passwords or pins for screen locks.
- ☑ Lock your SIM card and obtain the PUK from your carrier.
- ☑ Enable device encryption.
- ☑ Use biometrics wisely (prefer non-index fingers).
- ☑ Use a trusted password manager.
Activity & Maintenance:
- ☑ Turn off always-on virtual assistants.
- ☑ Regularly update the OS and apps.
- ☑ Avoid public USB chargers; use data blockers.
- ☑ Download apps only from trusted sources.
- ☑ Use a VPN and enable password protection for vital apps.
- ☑ Maximize privacy settings in all apps.
Mobile Applications for Enhancing Security and Privacy
Here are some recommended applications to strengthen your mobile device's security and privacy:
Side-Loading Apps: Risks and Benefits (Android)
Understand the pros and cons of side-loading apps (installing from non-official sources):
Benefits
- Access a broader range of apps.
- Use open-source apps for better privacy.
Risks
- Potential exposure to malware.
- May void your device's warranty.
F-Droid: A Secure Alternative
F-Droid is an open-source platform for Android apps that focuses on privacy and security.
Pros
- Non-tracking, privacy-first app store.
- Access to open-source apps.
Cons
- Limited selection compared to Google Play.
- Possible compatibility issues on some devices.
How to Install F-Droid
- Visit the official F-Droid website.
- Download the F-Droid APK file.
- Enable installation from unknown sources on your Android device.
- Open the APK file to install F-Droid.
- Browse and install secure, open-source apps.
For those looking for a Google Play alternative, try the Aurora Store, an open-source frontend to Google Play with privacy in mind.
Recommended Mobile Apps for Security and Privacy (Android and iOS)
Password Management
Two-Factor Authentication
- Aegis: Available on Android and F-Droid.
- 2FAS: More details available on the official MFA guide.
Malware Protection
Encryption and Data Protection
- OpenKeychain: Manage PGP keys on Android.
- Cryptomator: Encrypt files before cloud upload on Android, iOS, and F-Droid.
Secure Communication
- Element Messenger: Available on Android and iOS, also on F-Droid.
- ProtonMail: Encrypted email service from Switzerland, available on Android and iOS.
Specialized Tools for Security
- TrackerControl (F-Droid): Monitor and control app data collection.
- Insular: Isolate apps or run multiple accounts on F-Droid.