How to Securely Harden Android Devices



hoodlum
07-12-2015, 05:32 AM
.::Android Security Hardening::.
=================================

/This guide was created to help you to securely configure your Android device to stop spying and eavesdropping from various companies and government agencies. I hope this guide helps you along the path to becoming truly Anonymous. Enjoy!


.::[Rooting]::.
=================

/It is strongly suggested that you root your device ASAP because it will give you plenty of awesome things like modifying system files, installing pirated apps, running any other mobile OS [Like CyanogenMod], running root privilege apps, spoofing IMEI, ESN and MEID IDs and much more.

/To root your device you will need the device's system drivers and a pre-made root kit. There are plenty of ways to root your Android. I suggest you head over to http://forum.xda-developers.com.


.::[Security Hardening]::.
============================

/First, you need to enable Developer Options on your device if you haven't done so already. To do this go into
-> Settings -> About Device -> Tap Build Number or Kernel Version OR Baseband Version. It's different for every Android OS.

Settings -> Lock Screen -> Pattern/PIN -> ON
Settings -> Security -> Device Encryption -> ON
Settings -> Security -> SD Card Encryption -> ON
Settings -> Security -> Unknown Sources -> OFF
Settings -> Security -> Passwords Visible -> OFF
Settings -> Desktop Backup Password -> ON
Settings -> Security -> Password -> USB Debugging -> OFF
Settings -> Developer Options -> Do Not Keep Activities -> ON
Settings -> Developer Options -> Limit Background Processes -> At Most 2 Processes
Settings -> My Device -> Power Saving Mode -> ON
Settings -> My Device -> Voice Control -> OFF
Settings -> Accessibility -> Google Subtitles [CC] -> OFF
Settings -> Accessibility -> Samsung Subtitles [CC] -> OFF
Settings -> Date and Time -> Automatic Date and Time -> OFF


.::[Network Hardening]::.
===========================

/Make sure you check these off; this prevents location tracking and Bluetooth MITM attacks and spoofs location in apps.

Settings -> Connections -> Bluetooth -> OFF
Settings -> Connections -> NFC -> OFF
Settings -> Connections -> S Beam -> OFF
Settings -> Connections -> Nearby Devices -> OFF
Settings -> Connections -> Screen Mirroring -> OFF
Settings -> Connections -> Tethering and Mobile Hotspot -> OFF
Settings -> Accounts & Sync -> OFF
Settings -> Location Services -> OFF
Settings -> My Device -> Smart Screen -> OFF
Settings -> Developer Options -> Allow Mock Locations -> ON

/It is highly recommended that you run a VPN service on your device, as it will guarantee anonymous communication. You can configure VPN access by adding its certificates to the root [/] filesystem of the device. Either internal storage or SD Card. If your device does not have VPN configuration you can use the OpenVPN apps to do this.


.::[Applications]::.
=====================

/These applications will need to be configured after installation.

/The ones marked with "**" are essential for privacy and security. Also note some apps listed here MUST be configured! I added a "Configuration" section under the apps that need to be.


**SuperSU
Download: https://play.google.com/store/apps/details?id=eu.chainfire.supersu&hl=en
Description: SuperSU allows for advanced management of Superuser access rights for all the apps on your device that need root. SuperSU has been built from the ground up to counter a number of problems with other Superuser access management tools.

**DroidWall
Download: https://code.google.com/p/droidwall/
Description: Blocks all incoming and outgoing packets from your apps.
Configuration: Be sure to disable all system applications and other applications that may eat up your network bandwidth speed.
Enable Root Browser, RomToolBox, Wireless Tether, DroidWall, Busy Box, SuperSU and any other relevant Application.

**Root Explorer
Download: https://code.google.com/p/p500/downloads/detail?name=Root%20Explorer%20%282.19%29.apk
Description: Accesses your device's root system files.

**OpenVPN
Link: https://play.google.com/store/apps/details?id=de.blinkt.openvpn
Description: OpenVPN is a client software to connect to an OpenVPN server and not a free VPN software.

**OpenVPN Installer
Download: https://play.google.com/store/apps/details?id=de.schaeuffelhut.android.openvpn.installer
Description: OpenVPN Installer will try to install OpenVPN [2.1.1] in /system/xbin or /system/bin. Your mileage might vary depending on your device.

**OpenVPN Settings
Download: https://play.google.com/store/apps/details?id=de.schaeuffelhut.android.openvpn
Description: UI similar to Wi-Fi settings; Restart tunnel when connectivity changes [e.g. from wifi to 3G]; Start on boot; Passphrase; DNS; Script-Security; Write and View Log File; Open Source [GPLv3].

**OpenVPN Connect
Download: https://play.google.com/store/apps/details?id=net.openvpn.openvpn
Description: OpenVPN Connect is the official full-featured Android VPN client for the OpenVPN Access Server, Private Tunnel VPN and OpenVPN community.

Wireless Tether
Download: https://code.google.com/p/android-wifi-tether/
Description: This program enables tethering via wifi for rooted devices.

**Call Control
Download: https://play.google.com/store/apps/details?id=com.flexaspect.android.everycallcontrol
Description: Call Control is a full-featured call blocker that's super easy to use and is a trusted call blocker by more than 10M users to block unwanted calls and texts. Calls are blocked silently without you ever knowing someone called.

**RomToolBox
Download: https://play.google.com/store/apps/details?id=com.jrummy.liberty.toolbox
Description: ROM Toolbox combines all the great root apps into one monster app with a beautiful and easy to use interface. ROM Toolbox has every tool you need to make your Android device fast and customized to your liking.

**BusyBox
Download: https://play.google.com/store/apps/details?id=stericson.busybox
Description: This is the only installer that is ad free and requires no internet permission.

**NoBloat
Link: https://play.google.com/store/apps/details?id=com.tvkdevelopment.nobloatfree
Description: NoBloat lets you delete unwanted apps that come pre-installed with your device.

**Orbot
Download: https://play.google.com/store/apps/details?id=org.torproject.android
Description: Orbot is a free proxy app that empowers other apps to use the internet more securely. Orbot uses Tor to encrypt your Internet traffic and then hides it by bouncing through a series of computers around the world.

**RedPhone
Download: https://play.google.com/store/apps/details?id=org.thoughtcrime.redphone&hl=en
Description: This application will encrypt your voice calls if both users are running it.

F-Droid
Download: https://f-droid.org/
Description: F-Droid is an installable catalog of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.

Aptoide
Download: http://m.aptoide.com/installer?lang=EN
Description: A free market place to download pirated and cracked apps.

**Xabber
Download: https://f-droid.org/repository/browse/?fdfilter=xabber&fdid=com.xabber.androiddev
Description: Xabber is a full Java implementation of XMPP, and supports both OTR and Tor. Its UI is a bit more streamlined than Guardian Project's ChatSecure, and it does not make use of any native code components (which are more vulnerable to code execution exploits than pure Java code). Unfortunately, this means it lacks some of ChatSecure's nicer features, such as push-to-talk voice and file transfer.
Configuration: Go into settings and check the following.
Notifications -> Message text in Notifications -> Off (notifications can be read by other apps!)
Accounts -> Integration into system accounts -> Off
Accounts -> Store message history -> Don't Store
Security -> Store History -> Off
Security -> Check Server Certificate
Chat -> Show Typing Notifications -> Off
Connection Settings -> Auto-away -> disabled
Connection Settings -> Extended away when idle -> Disabled
Keep Wifi Awake -> On
Prevent sleep Mode -> On

**Offline Calendar
Download: https://f-droid.org/repository/browse/?fdfilter=offline%20calendar&fdid=org.sufficientlysecure.localcalendar
Description: Offline Calendar is a hack to allow you to create a fake local Google account that does not sync to Google. This allows you to use the Calendar App without risk of leaking your activities to Google.

**K-9 Mail
Download: https://f-droid.org/repository/browse/?fdid=com.fsck.k9
Description: E-mail client supporting multiple accounts, POP3, IMAP and Push IMAP. Can do encryption if APG and/or OpenKeychain is installed depending on the version. Settings and account configurations can be exported so that they can be imported easily if you are switching packages/signatures: a file manager will need to be already installed to achieve this.

**APG
Download: https://f-droid.org/repository/browse/?fdid=org.thialfihar.android.apg
Description: APG is a port of OpenPGP for Android. Use it to encrypt and decrypt files, and in conjunction with K-9 Mail, to seamlessly add support for encrypting and decrypting emails, as well as adding and verifying digital signatures.

OSMAnd~
Download: https://f-droid.org/repository/browse/?fdfilter=osmand&fdid=net.osmand.plus
Description: A free offline mapping tool. While the UI is a little clunky, it does support voice navigation and driving directions, and is a handy, private alternative to Google Maps.

VLC
Download: https://f-droid.org/repository/browse/?fdfilter=vlc&fdid=org.videolan.vlc
Description: Video and audio player that supports a wide range of formats, for both local and remote playback.

**Firefox
Download: https://f-droid.org/repository/browse/?fdfilter=firefox&fdid=org.mozilla.firefox
Description: Better browser than Chrome and the built-in Android browser.
Configuration: Go into Firefox settings and disable the following:
Settings -> Sync -> OFF
Settings -> Mozilla -> Telemetry -> OFF
Settings -> Mozilla -> Crash Reporter -> OFF
Settings -> Mozilla -> Health Report -> OFF
Settings -> Privacy -> Remember Passwords -> OFF
Settings -> Privacy -> Use Master Password -> OFF
Settings -> Privacy -> Tracking -> Do Not Track
Settings -> Privacy -> Cookies -> Enable Cookies; Excluding 3rd Party
Settings -> Developer Options -> Remote Debugging -> OFF
Download NoScript, HTTPS-Everywhere, Adblock Edge. Also be sure to edit the "about:config" options within Firefox. See my other Firefox guide for more configuration here: http://pastebin.com/fn7VHwhm

**Launch App Ops
Download: https://f-droid.org/repository/browse/?fdfilter=permissions&fdid=com.adstrosoftware.launchappops
Description: In Android 4.3 there is a new activity/screen, not accessible from settings, called App Ops, where you can manage permissions for different apps. This app simply allows you to launch this activity.

OS Monitor
Download: https://f-droid.org/repository/browse/?fdfilter=os%20monitor&fdid=com.eolwral.osmonitor
Description: OS Monitor is an excellent Android process and connection monitoring app, that can help you watch for CPU usage and connection attempts by your apps.

**CCleaner
Download: https://play.google.com/store/apps/details?id=com.piriform.ccleaner
Description: Cleans all the useless crap that can slow your phone down such as logs, cache, empty folders and more.

**Titanium Backup PRO
Download: https://play.google.com/store/apps/details?id=com.keramidas.TitaniumBackup&hl=en
Description: You can backup, restore, freeze [With pro version] your apps, data, market links. This includes all protected apps & system apps, plus external data on your SD card. You can do 0-click batch & scheduled backups. Backups will operate without closing any apps [With pro version]. You can move any app [or app data] to and from the SD card. You can browse any app's data and even query the Market to see detailed information about the apps.

dSploit
Download: http://m.banzai13fr.store.aptoide.com/app/market/it.evilsocket.dsploit.debug/1/4903638/dSploit
Description: Once dSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many TCP protocols, perform man in the middle attacks such as password sniffing [With common protocols dissection] and real time traffic manipulation and more.

Terminal Emulator
Download: https://play.google.com/store/apps/details?id=jackpal.androidterm&hl=en
Description: Access your Android's built-in Linux command line shell.

========================

/After you install and configure these applications, it is recommended that you use Titanium Backup to either freeze or uninstall EVERYTHING that has to do with Google. These include:
Google Account Manager
Google Backup Transport
Google Calendar Sync
Google Contacts Sync
Google Partner Setup
Google Play Services
Google Play Store
Google Search
Google Services Framework
Google Text-to-Speech Engine
Google+
LocationServices 1.0

Doing this means you will have no Google Play Store, No syncing with your Google account, No Google Maps, No Google search, No Google Play Services, No YouTube, No Google+, No Google Contacts, Nothing Google at all. This will ensure that those asshats from Google are not tracking you, eavesdropping on your texts and calls, logging all of your metadata and so on. Also, it is VERY important that you DO NOT install an app that uses a lot of permissions, such as Facebook, Facebook Messenger, Twitter, Steam, Netflix and so on.

/So there you have it! You are now running a securely hardened Android device. If you are interested in reading more about this topic head over to: https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy

/Feel free to suggest any more techniques for enhancing security and I will gladly add them above!

Another good guide from Anonymous Gh0ster
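
An added example, not part of the original post: a small audit that compares a device's settings with several entries from the Security Hardening and Network Hardening checklists above. The key names are AOSP settings names from the Android 4.x/5.x era, and pairing them with the guide's menu labels is this example's assumption; `SAMPLE` and `sample_get` are constructed stand-ins for a device.

```python
import subprocess

# (namespace, key, wanted value, guide entry). The keys are AOSP settings names
# from the Android 4.x/5.x era; pairing them with the guide's menu labels is an
# assumption of this example and differs between OS versions and vendors.
BASELINE = [
    ("global", "adb_enabled", "0", "USB Debugging -> OFF"),
    ("global", "install_non_market_apps", "0", "Unknown Sources -> OFF"),
    ("system", "show_password", "0", "Passwords Visible -> OFF"),
    ("global", "always_finish_activities", "1", "Do Not Keep Activities -> ON"),
    ("global", "auto_time", "0", "Automatic Date and Time -> OFF"),
    ("global", "bluetooth_on", "0", "Bluetooth -> OFF"),
    ("secure", "location_providers_allowed", "", "Location Services -> OFF"),
    ("secure", "mock_location", "1", "Allow Mock Locations -> ON"),
]

def adb_get(namespace, key):
    """Read one setting from an attached device. USB debugging has to be on
    for this, so adb_enabled reads 1 during the audit; switch it off after."""
    cmd = ["adb", "shell", "settings", "get", namespace, key]
    return subprocess.run(cmd, capture_output=True, text=True,
                          check=True).stdout.strip()

def audit(get=adb_get):
    """Return (status, guide entry, namespace/key, value) for each check."""
    findings = []
    for namespace, key, wanted, entry in BASELINE:
        value = get(namespace, key)
        if value == "null":          # `settings get` prints null for absent keys
            status = "UNKNOWN"
        else:
            status = "OK" if value == wanted else "FAIL"
        findings.append((status, entry, f"{namespace}/{key}", value))
    return findings

# Constructed sample values standing in for a device (not real output).
SAMPLE = {
    ("global", "adb_enabled"): "1",
    ("global", "install_non_market_apps"): "0",
    ("system", "show_password"): "0",
    ("global", "always_finish_activities"): "1",
    ("global", "auto_time"): "1",
    ("global", "bluetooth_on"): "0",
    ("secure", "location_providers_allowed"): "gps,network",
}

def sample_get(namespace, key):
    return SAMPLE.get((namespace, key), "null")

if __name__ == "__main__":
    for finding in audit(sample_get):
        print("%-8s%-32s%-38s%r" % finding)
```

An UNKNOWN result means the key is absent on that build, so that entry has to be checked in the Settings UI instead.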

PAiN
07-12-2015, 06:30 AM
Great thread! Very good information here for Android users.

Dovysizeon
04-29-2016, 10:51 AM
I haven't gone as far as rooting my brand new Samsung S7 due to it voiding the phone's warranty and insurance contract but I have deleted both of my Google accounts (PC and phone) and disabled everything Google related.

I'm also testing out SSE Universal Encryption App & EDS (Encrypted Data Store). Regardless of encryption, everything sensitive stored on a portable means should be kept at a minimum as people have a tendency to get drunk and lose their phones.

Both these apps are available from Google Play...

SSE - Universal Encryption App - Android Apps on Google Play (https://play.google.com/store/apps/details?id=com.paranoiaworks.unicus.android.sse&hl=en)

EDS - Android Apps on Google Play (https://play.google.com/store/apps/details?id=com.sovworks.eds.android&hl=en)