..on Sat, Jul 13, 2013 at 03:13:41PM +0200, Jerzy Łogiewa wrote: > Hello! > > If I want Android phone and have it be most secure, how to do it? Is there > some guide with steps? > > Like this: > > 1- Buy some handset such as X, Y > 2- Re-flash to Z firmware > 3- Change P settings to J ... > 4- Install OrBot, RedPhone, and so on > > What is recommended here by experts? > > PS: I am willing to have device ONLY for secure communications.
Disclaimer: while some journalists/people call me an expert I've never, ever named myself as such! Firstly, smartphones are a huge risk if you're really concerned about your security. Nonetheless, here's a start: You can install CyanogenMod - and not install the Google suite - for a pleasant and largely Google-free experience. To be safer, don't install a nightly build. Take out the SIM card. Flash CyanogenMod using the simple instructions for your device on their website. Encrypt the file-system once the device is installed. Set up a 6-or-more line swipe pattern without visual feedback (and keep your screen clean!). Disable developer mode and MTP browsing, until you need it. Connect the device to a wireless network you control. Install DroidWall (or similar open source firewall) and lock down any unknown and/or promiscuous processes (vastly less with CyanogenMod than Android). Don't use Google Play. Download and install OopenVPN client and tunnel to your favourite trusted OpenVPN server. Put on OrBot and run the OrWeb Tor browser. Edit your exit nodes to those that suit. Install Firefox and requisite extensions that protect against cookie tracking etc. Use StartPage instead of Google as your default search engine. Don't install any random games or other software. If you need something like a PDF reader, be sure it's open source and the APK you download checksums out (SHA256). I've done the above, more or less, with my last two Android phones. My SIII is especially good to work with. I've audited it on the wire and I trust working with it so far. How you use it is another thing. If you rarely need to make calls over the cellular network then use Airplane Mode until you need to call - that'll get you off the grid where cell provider location tracking/logging is concerned. Better still, don't use a SIM card at all and tunnel/ZRTP VoIP with something like RedPhone. Cheers, -- Julian Oliver PGP B6E9FD9A http://julianoliver.com http://criticalengineering.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
