Making your Stock Android phone safer

This is not a complete step-by-step HowTo.
You will have to look at each of the linked articles and make your own choices depending on your device, Android version and so on.

Last year I got myself a used Acer Liquid E700. It's a nice phone, big enough, and very powerful for its price. A crucial point in making the decision was at least Dual SIM support, because I have separate SIM cards for phone and data (=internet).

Until now I have been using an old Acer One Netbook to be internet mobile, with Arch Linux installed. I feel safe with Linux, I am in control.
On Android it isn't so easy. While Android is designed to be safe and secure, it is always phoning home to Google or some (any, really) app developer. I don't want that.

So how can I make my phone safe and private?

Usually the first step is to install a custom ROM, e.g. CyanogenMod, but my device is not supported. Also, I did not want to lose the triple-SIM functionality!
In retrospect, I think this is a good thing because it forced me to find ways to make a stock Android install safer instead of (blindly) trusting CyanogenMod.

Here are the steps I took to make my phone safer:

  1. Make a backup.
  2. Root the phone (XDA developers has the HowTo for your device).
  3. Disable/Uninstall all things Google. Have a look here: lmddgtfy - remove gapps from stock android
  4. Further tweaking/uninstalling.
  5. Mission Impossible: Hardening Android for Security and Privacy | The Tor Blog - this is where I started. The article is a little bit older and some things don't work anymore, or are not necessary anymore (AFWall+ updates). Also it is written with CyanogenMod in mind, but I wanted to keep stock Android on my phone. There's an overlap with the following article; some adaptation is required:
  6. Checkliste: Android-Phone absichern, BEVOR es das 1. Mal ins Internet geht (AFWall+) - Actually this turned out to be the most important article, step-by-step instructions for hardening your phone before it connects to the internet the first time. I apologize that it is in German; Google Translate usually does a good job translating German to English, so please don't discard this.
  7. Sources, Links (again, I apologize that it is in German):
    Your phone Your data – Android without Google?! Teil1 • Kuketz IT-Security Blog