Editor’s Note: The below is a guest post! My dear application security expert friend took the reins for this Android-specific how-to on keeping your device safe.
Our devices are integrated into our daily lives, from the moment we wake up to the moment we go to sleep. We regularly input tons of personal data and sync this data across various accounts, including financial, business, and social ones.
Here is a list of steps you can take to ensure that your Android device's intimate data points are being used how and when you want them to be used.
TELL THE WIZARD TO KEEP THINGS HUSH
During initial device setup, disable any options asking to track your data. Be cautious as vendors may attempt to hide the pro-privacy settings behind non-intuitive user interfaces.
LIMIT GOOGLE OVERWATCH
Google services are tightly coupled with most Android devices. Log on to your Google account to review your privacy and sharing options, including location info, web and app activity, device information, YouTube history, and other privacy/sharing items. Be sure to explore all of the menus, as privacy and security options are added/changed/moved over time.
DON'T INSTALL APPS FROM UNTRUSTED/UNVERIFIED SOURCES
Apps that don't come from official channels (such as Google Play Store) come with an increased risk of malware or otherwise undesirable effects. A decent way to avoid potential infection is to only install apps from trusted sources. You should never follow instructions that tell you to disable the built-in Android protections that prevent third-party/unverified app installation.
CHECK APP PERMISSIONS BEFORE YOU INSTALL THEM
Auditing app permissions prior to install can help you maintain control of your private parts. While the Google Play Store does allow you to view the app’s requested permissions, finding this information in the Play Store app has become less intuitive over the last couple of versions. Here’s how to audit permissions before installation using the current iteration of the Play Store:
From the app's Play Store page, under the description section, tap the "Read More" text.
Scroll to the bottom of the info, and tap the "See More" text located next to the App permissions row and you’ll see a list of app permissions you can audit.
It’s up to the developer of each app to set the required permissions. If you're unsure about a particular permission, you can look up what each permission means at AndroidCentral.com. If you are sure you aren't okay with an app having access to the data it wants, you could reach out to the developer to ask that they tone things down. Another option is to seek an alternate app that can perform the same function for you without requiring as many permissions. The fact remains that apps are internet connected, so any data that the app can access from your device could be sent back to the developer's servers and/or their partner servers.
With auto-update enabled (the default), app permissions in a previously-approved group could automatically be added by an app update and you will not be notified. App developers could use this functionality to covertly acquire more data from your device than you had initially granted them. After initial installation, app permission audits should be performed regularly.
CHECK APP PERMISSIONS AFTER INITIAL INSTALLATION
Settings -> Apps & notifications -> App permissions
Disable any permissions you don't want specific apps to be able to use by tapping the slider to toggle their access. Does a Sad Trombone Sound app really need access to your GPS Location in order to carry out its function? Probably not!
You should periodically review app permissions, especially if you have apps auto-update (remember, they can automatically add permissions without warning during updates).
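For readers comfortable with a computer and adb, here is one way to catch permissions that an update added, by comparing two saved outputs of `adb shell dumpsys package <package>`. This is an added example, not part of the original post; the package name and both dumps are constructed, and the parser assumes the indented "requested permissions:" layout shown in them.

```python
import re

# Constructed samples modelled on `adb shell dumpsys package <package>` output.
# The package name is hypothetical and the layout varies between Android versions.
BEFORE_UPDATE = """\
  Package [com.example.sadtrombone] (1a2b3c):
    requested permissions:
      android.permission.INTERNET
    install permissions:
      android.permission.INTERNET: granted=true
"""
AFTER_UPDATE = """\
  Package [com.example.sadtrombone] (1a2b3c):
    requested permissions:
      android.permission.INTERNET
      android.permission.ACCESS_FINE_LOCATION
      android.permission.READ_CONTACTS
    install permissions:
      android.permission.INTERNET: granted=true
    User 0: installed=true hidden=false
      runtime permissions:
        android.permission.ACCESS_FINE_LOCATION: granted=true
        android.permission.READ_CONTACTS: granted=false
"""
GRANTED = re.compile(r"^\s+([\w.]+): granted=true", re.MULTILINE)

def requested_permissions(dump):
    """Collect the names listed under the 'requested permissions:' header."""
    perms, header_indent = set(), None
    for line in dump.splitlines():
        text, indent = line.strip(), len(line) - len(line.lstrip())
        if header_indent is None:
            if text == "requested permissions:":
                header_indent = indent
        elif text and indent > header_indent:
            perms.add(text.split(":", 1)[0])  # drop any ': flag=...' suffix
        else:
            break  # indentation fell back: the section is over
    return perms

def permission_drift(before, after):
    """Compare two dumps of the same app taken before and after an update."""
    old, new = requested_permissions(before), requested_permissions(after)
    added_and_granted = (new - old) & set(GRANTED.findall(after))
    return {"added": sorted(new - old), "removed": sorted(old - new),
            "added_and_granted": sorted(added_and_granted)}

if __name__ == "__main__":
    for kind, names in permission_drift(BEFORE_UPDATE, AFTER_UPDATE).items():
        print(f"{kind}: {', '.join(names) or 'none'}")
```

Anything reported under `added_and_granted` is a permission the app gained and can already use, which is the case worth reviewing first in the App permissions screen.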
AIN’T NO SUCH THING AS FREE
When apps claim to give you coupons or something else for free, even if they deliver, chances are you're the product being sold! Any information that the app can obtain via permissions and/or account-linking can be sent back to those individuals who are after your private data.
PUT PERMISSION-HUNGRY APPS IN TIMEOUT ON THE ISLAND
What can you do if you really want or need to install a certain app, but it won't even function due to permissions that you’ve (intentionally) denied it? One option would be to install the Island app. This is a way to add a little bit of restriction for apps that you may wish to use, but whose required permissions you don't necessarily approve of. The Island app takes advantage of the "Work Profile" feature of Android 5.0+ and creates a "sandbox" environment (independent of your regular Android environment) in which the permission-laden apps can run. Apps are basically cloned in the Island, and the app clones cannot access your contacts, read your call logs, or detect other apps outside of the Island environment.
APP GOT YOUR BANDWIDTH?
Settings -> Network & Internet -> Data usage -> Mobile data usage
Avoid the surprise of rogue apps stealing your bandwidth, such as the recent DrainerBot, by auditing data usage. Malicious apps can use your device to invisibly send and receive data, resulting in wasted data/money for you and profits for them. If you find that an app is using a suspect amount of data, you could freeze the bad app's behavior by using the Island app or completely uninstall the suspicious app.