Encrypt your entire Operating System (OS). Phone encryption is the first line of defense for whichever phone you happen to use, ensuring that no one can even so much as turn on your device without the proper credentials. It is important to understand that encrypting your phone and setting a screen lock for it are not the same thing. It is also important to understand that, depending on the type of phone you have and who manufactured it, screen locks can be bypassed by 3rd parties – such as hackers – as well as through different back-doors found within various software applications/programs you’ve installed on it. Encrypting your phone on the other hand encrypts your entire operating system all at once, requiring password authentication for the phone to even boot up and power on in the first place – ensuring that no App, program or file can be exploited or corrupted to gain full access to your phone.
Depending on what type of phone you have, your settings might come with a built in feature allowing to encrypt individual Apps. If not, you can install a firewall application for that – more on this later on in the article. If you are unfamiliar where to find your phones encryption options, they are available in the “security” section under the main settings menu. Please note that it can take an hour or more to fully encrypt your phone, so it’s important to always begin with a fully charged battery.
Select an appropriate screen lock. Screen locks are a different form of encryption in a sense, ensuring that no one can use/operate your phone when you lose it, are away from it or leave it out in public. As far as how you set it up, there are 4 different options to choose from – each one having its pro’s and cons.
- Password Lock. Users will be required to enter a unique password consisting of letters, numbers and symbols to unlock your device. Personally, I believe password protection to be by far the most secure of all options. However, for the same reason, it could be considered the most “inconvenient,“ because it requires the most amount of time/attention to enter every time you wish to unlock your device.
- Pin Lock. Pin locks work exactly like password protections, only they exclude letters and symbols. Meaning that users will be required to enter a pass-code of random numbers in order to unlock your phone. For the very reason that pins exclude letters and symbols, they are a little less secure than passwords, exponentially decreasing the theoretical number of guesses it would take to crack/unlock your device.
- Pattern Lock. I am finding that this is becoming the most “trendy” screen lock these days, simply requiring users to use their fingers to “connect the dots” and draw a unique pattern on the front of their screen before it unlocks. However, I find pattern locks to be less secure than some of the other options, because there is a much higher probability of successfully drawing a random pattern to unlock a device than their is guessing an advanced password or pin.
- Biometrics. The newest “craze” is security is using your own fingerprints, eyes, face or facial expressions to unlock different devices. However, while these options may be the most convenient and fastest, they are also by far the least secure. I say this because multiple studies have proven how easy it is to trick biometric security measures, and often times the pictures off your own social media accounts are enough to bypass them.
Password/Pin protect your SIMor SSID card. It is important to understand that encrypting your operating system and setting a screen lock will do nothing to protect your data cards or memory chips, securing those is an entirely separate matter. So lastly, you are going to want to encrypt/password protect your SIM and/or SSID card. To do this simply enter into the security options within your phones main settings menu, find/select your memory chips and create a unique pin lock for them. This ensures that no matter where your memory chip goes or whatever phone/device it’s plugged into, no one will be allowed to access your contacts, photos, videos, messages, files or data without entering the correct pin code first.
If you would like help learning how to build strong and easy to remember passwords to encrypt your accounts/devices, please read more in the tutorial provided below.
How To Write Un-Hackable Passwords: https://roguesec.co/how-to-write-un-hackable-passwords/
Some phones come pre-installed with various firewall options, but if yours does not then there is a sizeable number of firewall Apps to choose from. Firewalls are critically important to security because they allow users to seal off or block different Apps, limiting the possible points of entry for hackers or other 3rd parties. Depending on the type of firewall you select, you may also have the option to encrypt individual Apps on your phone, adding a 4th layer of encryption to your device while ensuring that even if someone is able to unlock it, they will not be allowed to use selected Apps without further permissions. This is particularly important/helpful if you utilize different types of chatrooms, group chats for work or VoIP services.
Perhaps most importantly, firewalls severely limit potential abuses of your phone. You can select different options to completely seal off individual Apps altogether, or seal off different settings/areas of your phone from outside sources.Not only does this prevent hackers from using selected Apps to compromise your phone, but at the same time it prevents App owners themselves and other 3rd parties from gaining access to your phone all the same. Firewalls also protect against unwarranted data collection of your phone, including call/text history and general phone usage. More importantly, building a strong firewall and sealing off selected Apps can free up memory space/data usage, both speeding up your phone and saving battery life. If there are Apps on your phone that you’ve never used a single day in your life, or you feel may be spying on you/invading your privacy, simply use your firewall to disable them altogether with the click of a button.
On a similar but side note, never blindly give every App different permissions just because they ask for them. For example, when first navigating a new phone you might find that you are regularly asked to allow different Apps to do random things, such as collect data or record audio/video. It might seem harmless, but think about it for a second. What the hell does the Google Chrome web browser possibly need to record audio for? The simple answer is it doesn’t, you are only being set up to have your phone hacked by authorities and/or law enforcement officials at a later date in time – should they ever feel the need. By checking these options and blindly granting permission to different Apps, your are secretly granting 3rd parties the permission to ‘flip the switch‘ so to speak and turn your phone into a spy/recording device whenever they want. So, don’t fall for it. There is literally no need to give different developers that much permission over your phone.
3.) Manage Security Certificates
Similarly, you should seriously check out the security certificates or “Trusted Credentials” list which came pre-installed on your phone. On my Android ZTE for example, my phone was handed to me with over 100 different security certificates installed on it, some of which grant different Government agencies/offices direct root access to my phone without requiring legal documents or warrants of any kind – no exaggeration. You might not have been told about this when you bought your phone, buy they are there. Just a short list of some of the organizations which have direct root access to my phone; China Financial Certification Authority, CyberTrust, Deutsche Telekom, Hellenic Academic Research Institute, HongKong Post, Japanese Government, VISA, TurkTrust,Wells Fargo, as well as countless other organizations operating under different Government umbrellas.
Thankfully though, you do have the ability to revoke these certificates/permissions if you like. Simply find where these certificates are under your settings menu and disable whichever ones you desire. Just note that disabling some of the most fundamental ones, such as those issues by your telecommunications provider, may break access to different areas of your phone – but this is always reversible.
4.) Internet Security & Antivirus
Most people are always surprised to learn that the same measures used to secure your computer can often times be transferred directly to your phone, this includes things like VPN’s and antivirus. For the purposes of this section of the article, I would like to discuss different measures you can install to help protect your phone and keep your data that much more private/secured.
- VPN’s: I am not going to get into a breakdown of what VPN’s are and how they work, it is just important to understand that you can install and utilize a VPN connection on your phone all the same as a computer. If you already own a paid VPN account, simply install the service providers App on your phone and establish a new connection through it. Your IP Address and internet connection will be secured all the same, just note that the internet speed of your phone will be effected a little more significantly than a computer, simply because a phone can not process as much information as fast as a computer can.
- Proxy’s: It is another common misconception that you can’t utilize proxy connections or the Tor network on your phone, this is simply untrue. You can either hide your IP address and internet activity by installing the Tor App directly, or you can install something known as Orbot – developed by The Tor Project. Orbot transfers all data/network activity from your phone across various tor relays, essentially turning the Tor network itself into a giant VPN connection/encryption setting for all of your data and every last thing you do on your phone. Unlike Tor, Orbot doesn’t just simply protect internet activity – even the Apps developers profess itself to be a “full phone VPN.“
- Re-Route DNS: Another way to protect against data spying, 3rd party abuses or intrusive hackers is to re-route your DNS through different service providers. For example, I personally route all of my network activity through Cloudflare DNS servers for added privacy and security. IBM’s Quad 9 DNS service is another good option, blocking you from gaining access to known malicious websites while preventing your device from ever becoming part of or wrapped up in a botnet. You can do your own research to find other options which may be more suitable, but another popular option is Google’s public DNS service.
- Install Different Browsers: Just as with computers, you can choose a whole host of different browser options, many of which are far more secure and private than Google Chrome or the built in web browser found on your phone. If you would like to learn more about browsers, as well as the different/added benefits of each, please utilize the following link: https://roguesec.co/building-selecting-safer-web-browsers/
- Antivirus: Phone antivirus programs essentially work the same as computer antivirus’, only they are far simpler and much cheaper. A good antivirus program for your phone should cost anywhere from $2-5$ per month, and will protect your phone against malicious hyperlinks, scan all downloads for viruses, as well as prevent all of the most common/basic forms of cyber attack. Some phone based antivirus service providers, such as Kaspersky Lab, also come with built in VPN connections to secure your internet activity at the same time.
5.) VoIP Services
While VoIP services are not necessarily “essential“ for everyday phone use, they do offer critical protections for political activists, journalists, researchers and citizens living under oppressive regimes all around the world. VoIP stands for “Voice over Internet Protocol,” which is just a fancy way of saying they transport all calls and messages over established internet connections, rather than routing them through your telecommunications or phone service provider – such as AT&T or Verizon. For this reason, VoIp services prevent your data from being intercepted, recorded or stolen by telecommunications companies and other 3rd parties, such as Governments, thus protecting any information you send across them. VoIP services also offer the ability to encrypt messages or calls between like users, further protecting your privacy. By comparison, both of these options are not available on standard text messages or phone calls. In politically oppressive countries, VoIp services offer a critical means to bypass Government imposed restrictions or blockades on national telecommunications. VoIP services also let you make international calls for free.
While this might sound a bit complex or advanced, once installed, operating a VoIP connection/application is no more different or complicated than making a regular phone call or sending traditional text messages. Lastly, VoIP connections also offer a secondary means to reach contacts, should your phone lose service, go out of range or come under blackout. Rather than relying on the signal strength of your network service provider, all you need to use VoIP services is an active internet connection.