Let's Talk About Android Devices

As for today, the world smartphone market share has 87.6% of Android devices and 11.7% of iOS devices. In 2013, the statistics were showing that 79% of malware was written for Android devices. Today, you see that the number has gone up to 97% (according to some writers in the industry). If you are an Android owner, there is not much you can do about some of the very serious bugs floating around. I hope that these few measures and changes that I recommend can keep your droid without “cyber gonorrhea,” – an expression I have coined three years ago while teaching a class where ALL droids had a serious problem. J
 
Oh, and since I do not own an Android device and there are many models with different screens, this blog will look more like a lawyer’s book – no photos.

What can I do under the Security tab?
 Remove the check mark of Make passwords visible, and add a check mark on Verify apps. Remove the check mark from Unknown sources so you cannot install apps that are not being sold in the PlayStore.
 
The PlayStore is not a guarantee that your app will be clean and trustworthy. As of October 2016, there were 400 Android apps in PlayStore that had the DressCode malware.
 
How about Location Services?
Location Services should be turned off at all times; except when you are using a navigation app like Waze. Emergency services locator will not get turned off when you turn off the Access to my location.
Make sure that your apps do not have permanent access to your location. Only in use for those who assist you in navigation or transportation, and never for the other apps.
 
What can I use for Texting?
Textra SMS is the best third-party app in the PlayStore for texting.  You can read more about Textra here.
 
Can I encrypt my Android device?
Yes, and you should! Encryption protects all the data you carry on the phone… emails, photos, contact information, credit card information, etc. When a phone is encrypted and locked, nobody can access your data. Once you unlock the device, your phone decrypts the data. For this reason, get in the habit of always locking your phone when you are not using it.
You will not see a performance drop that will make your phone act like a turtle after the flu. If you enable encryption, keep in mind that the only way to undo the process is by factory resetting. For this reason, I highly recommend that you always back your data to an external device. If you have rooted your phone, you will have to unroot temporarily, encrypt and then root again.

Even if you do not have sensitive information on your phone, you should encrypt it to protect others. If your device is compromised and it starts sending malicious links to all of your contacts, then you are responsible in a way for their getting infected. You had the knowledge but you did not apply it, and now your family and friends end up with an infected device.
 
Is there a good anti-virus for Android?
Yes! Sophos Free Anti-virus for Android rocks. You can find it here.  Once you install, make sure you run the scan and fix whatever Sophos is recommending you to fix to protect your device.
 
Any other app for my Android?
Yes! I recommend installing CCleaner by Piriform. This app optimizes your device in seconds, and gets rid of cache, trash, etc.
 
DuckDuckGo for Android is a better choice to surf the web because this search engine does not parse your IP/MAC address with your searches.  (See the blog I wrote about Browsers).
 
What are the latest malware threats to Android?
The list would be enough to write a book. Thus, I will just include the very latest in case you missed the news about them.
Gooligan roots vulnerable Android devices and steals email address and authentication tokens. This is a serious problem affecting 1 million Google accounts.  If you do not have two-factor authentication, I recommend you implement that in all your accounts.
 
Quadrooter affects 900 million Android devices that use the Qualcomm chipsets. Here you can read the list of those devices.
 
AirDroid app, used by tens of millions of Android devices, makes the devices vulnerable to man-in-the-middle attacks leading to data theft and pushing malicious updates to the devices.
 
If I were you, the user of an Android device, the first item I would put on my wish list for Christmas is an iOS device. :-)
 
That is all for now. I wish you a Merry Christmas and Chanukah, and best wishes for 2017. 

Thank you for reading!
 
Meta brings the courses Risk Management When Online and Open Source Intelligence (OSINT) Collection and Analysis to your organization regardless of where you are located. Watch this short clip: https://www.youtube.com/watch?v=aRXazQuPzFs Then call us to schedule training for your team or organization.