• Amused
  • Angry
  • Annoyed
  • ArrgPirate
  • atwork
  • Awesome
  • Bemused
  • Cocky
  • Cool
  • Crazy
  • Crying
  • deejayn
  • Depressed
  • Down
  • drinking
  • Drunk
  • eating
  • editing
  • Embarrased
  • Enraged
  • Friendly
  • gamingpc
  • gamingps
  • gamingsteam
  • gamingxbox
  • Geeky
  • Godly
  • Happy
  • hatemailing
  • Hungry
  • Innocent
  • lagging
  • livestreaming
  • loving
  • lurking
  • Meh
  • netflix
  • nostatus
  • Poorly
  • raging
  • Sad
  • Secret
  • Shy
  • Sneaky
  • Tired
  • trolling
  • Wtf
  • youtuber
  • zombies
  • Results 1 to 3 of 3

    Thread: How to Securely Harden Andriod Devices

    1. #1
      AUSSIE MEMBER
      is scared to be different
       
      I am:
      Sneaky
       

      Join Date
      Jul 2015
      Posts
      65
      Post Thanks / Like
      Rep Power
      725

      How to Securely Harden Andriod Devices

      .::Android Security Hardening::.
      =================================

      /This guide was created to help you to securely configure your Android device to stop spying and eavesdropping from various companies and government agencies. I hope this guide helps you along the path to becoming truly Anonymous. Enjoy!


      .::[Rooting]::.
      =================

      /It is strongly suggested that you root your device ASAP because it will give you plenty of awesome things like modifying system files, installing pirated apps, running any other mobile OS [Like CynogenMod], running root privilege apps, spoofing IMEI, ESN and MEID IDs and much more.

      /To root your device you will need the devices system drivers and a pre-made root kit. There are plenty of ways to root your android. I suggest you head over to http://forum.xda-developers.com.


      .::[Security Hardening]::.
      ============================

      /First, you need to enable Developer Options on your device if you haven't done so already. To do this go into
      -> Settings -> About Device -> Tap Build Number or Kernel Version OR Baseband Version. Its different for every Android OS.

      Settings -> Lock Screen -> Pattern/PIN -> ON
      Settings -> Security -> Device Encryption -> ON
      Settings -> Security -> SD Card Encryption -> ON
      Settings -> Security -> Unknown Sources -> OFF
      Settings -> Security -> Passwords Visible -> OFF
      Settings -> Desktop Backup Password -> ON
      Settings -> Security -> Password -> USB Debugging -> OFF
      Settings -> Developer Options -> Do Not Keep Activities -> ON
      Settings -> Developer Options -> Limit Background Processes -> At Most 2 Processes
      Settings -> My Device -> Power Saving Mode -> ON
      Settings -> My Device -> Voice Control -> OFF
      Settings -> Accessibility -> Google Subtitles [CC] -> OFF
      Settings -> Accessibility -> Samsung Subtitles [CC] -> OFF
      Settings -> Date and Time -> Automatic Date and Time -> OFF


      .::[Network Hardening]::.
      ===========================

      /Make sure you check these off, prevents location tracking and bluetooth MITM attacks and spoofs location in apps.

      Settings -> Connections -> Bluetooth -> OFF
      Settings -> Connections -> NFC -> OFF
      Settings -> Connections -> S Beam -> OFF
      Settings -> Connections -> Nearby Devices -> OFF
      Settings -> Connections -> Screen Mirroring -> OFF
      Settings -> Connections -> Tethering and Mobile Hotspot -> OFF
      Settings -> Accounts & Sync -> OFF
      Settings -> Location Services -> OFF
      Settings -> My Device -> Smart Screen -> OFF
      Settings -> Developer Options -> Allow Mock Locations -> ON

      /It is highly recommended that you run a VPN service on your device, as it will guarantee anonymous communication. You can configure VPN access by adding its certificates to the root [/] filesystem of the device. Either internal storage or SD Card. If your device does not have VPN configuration you can use the OpenVPN apps to do this.


      .::[Applications]::.
      =====================

      /These applications will need to be configured after installation.

      /The ones marked with "**" are essential for privacy and security. Also note some apps listed here MUST be configured! I added a "Configuration" section under the apps that need to be.


      **SuperSU
      Download: https://play.google.com/store/apps/d....supersu&hl=en
      Description: SuperSU allows for advanced management of Superuser access rights for all the apps on your device that need root. SuperSU has been built from the ground up to counter a number of problems with other Superuser access management tools.

      **DroidWall
      Download: https://code.google.com/p/droidwall/
      Description: Blocks all incoming and outgoing packets from your apps.
      Configuration: Be sure to disable all system applications and other applications that may eat up your network bandwidth speed.
      Enable Root Browser, RomToolBox, Wireless Tether, DroidWall, Busy Box, SuperSU and any other relevant Application.

      **Root Explorer
      Download: https://code.google.com/p/p500/downl...%282.19%29.apk
      Description: Accesses your devices root system files.

      **OpenVPN
      Link: https://play.google.com/store/apps/d...blinkt.openvpn
      Description: OpenVPN is a client software to connect to an OpenVPN server and not a free VPN software.

      **OpenVPN Installer
      Download: https://play.google.com/store/apps/d...nvpn.installer
      Description: OpenVPN Installer will try to install OpenVPN [2.1.1] in /system/xbin or /system/bin. Your mileage might vary depending on your device.

      **OpenVPN Settings
      Download: https://play.google.com/store/apps/d...ndroid.openvpn
      Description: UI similar to Wi-Fi settings; Restart tunnel when connectivity changes [e.g. from wifi to 3G]; Start on boot; Passphrase; DNS; Script-Security; Write and View Log File; Open Source [GPLv3].

      **OpenVPN Connect
      Download: https://play.google.com/store/apps/d...penvpn.openvpn
      Description: OpenVPN Connect is the official full-featured Android VPN client for the OpenVPN Access Server, Private Tunnel VPN and OpenVPN community.

      Wireless Tether
      Download: https://code.google.com/p/android-wifi-tether/
      Description: This program enables tethering via wifi for rooted devices.

      **Call Control
      Download: https://play.google.com/store/apps/d...erycallcontrol
      Description: Call Control is full featured call blocker that's super easy to use and is a trusted call blocker by more than 10M users to block unwanted calls and texts. Calls are blocked silently without you ever knowing someone called.

      **RomToolBox
      Download: https://play.google.com/store/apps/d...iberty.toolbox
      Description: ROM Toolbox combines all the great root apps into one monster app with a beautiful and easy to use interface. ROM Toolbox has every tool you need to make your Android device fast and customized to your liking.

      **BusyBox
      Download: https://play.google.com/store/apps/d...ricson.busybox
      Description: This is the only installer that is ad free and requires no internet permission.

      **NoBloat
      Link: https://play.google.com/store/apps/d...nt.nobloatfree
      Description: NoBloat lets you delete unwanted apps that come per-installed with your device.

      **ORBot
      Download: https://play.google.com/store/apps/d...roject.android
      Description: Orbot is a free proxy app that empowers other apps to use the internet more securely. Orbot uses Tor to encrypt your Internet traffic and then hides it by bouncing through a series of computers around the world.

      **RedPhone
      Download: https://play.google.com/store/apps/d...redphone&hl=en
      Description: This application will encrypt your voice calls if both users are is running it.

      F-Droid
      Download: https://f-droid.org/
      Description: F-Droid is an installable catalog of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.

      Aptiode
      Download: http://m.aptoide.com/installer?lang=EN
      Description: A free market place to download pirated and cracked apps.

      **Xabber
      Download: https://f-droid.org/repository/brows...ber.androiddev
      Description: Xabber is a full Java implementation of XMPP, and supports both OTR and Tor. Its UI is a bit more streamlined than Guardian Project's ChatSecure, and it does not make use of any native code components (which are more vulnerable to code execution exploits than pure Java code). Unfortunately, this means it lacks some of ChatSecure's nicer features, such as push-to-talk voice and file transfer.
      Configuration: Go into settings and check the following.
      Notifications -> Message text in Notifications -> Off (notifications can be read by other apps!)
      Accounts -> Integration into system accounts -> Off
      Accounts -> Store message history -> Don't Store
      Security -> Store History -> Off
      Security -> Check Server Certificate
      Chat -> Show Typing Notifications -> Off
      Connection Settings -> Auto-away -> disabled
      Connection Settings -> Extended away when idle -> Disabled
      Keep Wifi Awake -> On
      Prevent sleep Mode -> On

      **Offline Calender
      Download: https://f-droid.org/repository/brows....localcalendar
      Description: Offline Calendar is a hack to allow you to create a fake local Google account that does not sync to Google. This allows you to use the Calendar App without risk of leaking your activities to Google.

      **K-9 Mail
      Download: https://f-droid.org/repository/browse/?fdid=com.fsck.k9
      Description: E-mail client supporting multiple accounts, POP3, IMAP and Push IMAP. Can do encryption if APG and/or OpenKeychain is installed depending on the version. Settings and account configurations can be exported so that they can be imported easily if you are switching packages/signatures: a file manager will need to be already installed to achieve this.

      **APG
      Download: https://f-droid.org/repository/brows...ar.android.apg
      Description: APG is a port of OpenPGP for Android. Use it to encrypt and decrypt files, and in conjunction with K-9 Mail, to seamlessly add support for encrypting and decrypting emails, as well as adding and verifying digital signatures.

      OSMAnd~
      Download: https://f-droid.org/repository/brows...et.osmand.plus
      Description: A free offline mapping tool. While the UI is a little clunky, it does support voice navigation and driving directions, and is a handy, private alternative to Google Maps.

      VLC
      Download: https://f-droid.org/repository/brows...g.videolan.vlc
      Description: Video and audio player that supports a wide range of formats, for both local and remote playback.

      **Firefox
      Download: https://f-droid.org/repository/brows...ozilla.firefox
      Description: Better browser then Chrome and the built in android browser.
      Configuration: Go into Firefox settings and disable the following:
      Settings -> Sync -> OFF
      Settings -> Mozilla -> Telemetry -> OFF
      Settings -> Mozilla -> Crash Reporter -> OFF
      Settings -> Mozilla -> Health Report -> OFF
      Settings -> Privacy -> Remember Passwords -> OFF
      Settings -> Privacy -> Use Master Password -> OFF
      Settings -> Privacy -> Tracking -> Do Not Track
      Settings -> Privacy -> Cookies -> Enable Cookies; Excluding 3rd Party
      Settings -> Developer Options -> Remote Debugging -> OFF
      Download NoScript, HTTPS-Everywhere, Adblock Edge. Also be sure to edit the "about:config" options withing Firefox. See my other Firefox guide for more configuration here: http://pastebin.com/fn7VHwhm

      **Launch App Ops
      Download: https://f-droid.org/repository/brows...e.launchappops
      Description: In Android 4.3 there is a new activity/screen, not accessible from settings, called App Ops, where you can manage permissions for different apps. This app simply allows you to launch this activity.

      OS Monitor
      Download: https://f-droid.org/repository/brows...wral.osmonitor
      Description: OS Monitor is an excellent Android process and connection monitoring app, that can help you watch for CPU usage and connection attempts by your apps.

      **CCleaner
      Download: https://play.google.com/store/apps/d...iform.ccleaner
      Description: Cleans all the useless crap that can slow your phone down such as logs, cache, empty folders and more.

      **Titanium Backup PRO
      Download: https://play.google.com/store/apps/d...umBackup&hl=en
      Description: You can backup, restore, freeze [With pro version] your apps, data, market links. This includes all protected apps & system apps, plus external data on your SD card. You can do 0-click batch & scheduled backups. Backups will operate without closing any apps [With pro version]. You can move any app [or app data] to and from the SD card. You can browse any app's data and even query the Market to see detailed information about the apps.

      dSploit
      Download: http://m.banzai13fr.store.aptoide.co...903638/dSploit
      Description: Once dSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many TCP protocols, perform man in the middle attacks such as password sniffing [With common protocols dissection] and real time traffic manipulation and more.

      Terminal Emulator
      Download: https://play.google.com/store/apps/d...roidterm&hl=en
      Description: Access your Android's built-in Linux command line shell.

      ========================

      /After you install and configure these applications, it is recommended that you use Titanium Backup to either freeze or uninstall EVERYTHING that has to do with Google. These include:
      Google Account Manager
      Google Backup Transport
      Google Calender Sync
      Google Contacts Sync
      Google Partner Setup
      Google Play Services
      Google Play Store
      Google Search
      Google Services Framework
      Google Text-to-Speech Engine
      Google+
      LocationServices 1.0

      Doing this means you will have no Google Play Store, No syncing with your Google account, No Google Maps, No Google search, No Google Play Services, No YouTube, No Google+, No Google Contacts, Nothing Google at all. This will ensure that those asshats from Google are not tracking you, eavesdropping on your texts and calls, logging all of your metadata and so on. Also, it is VERY important that you DO NOT to install an app that uses a lot of permissions. Such as Facebook, Facebook Messenger, Twitter, Steam, Netflix and so on.

      /So there you have it! You are now running a securely hardened Android device. If you are interested in reading more about this topic head over to: https://blog.torproject.org/blog/mis...ty-and-privacy

      /Feel free to suggest any more techniques for enhancing security and I will gladly add them above!

      Another good guide from Anonymous Gh0ster

    2. Thanks PAiN thanked for this post
      Likes PAiN, Diavolo, wsnake, Mike Larry, Dovysizeon liked this post
    3.    Sponsored Links

      ----
    4. #2
      BOP ADMINISTRATOR
      is BOPn
       
      I am:
      Cocky
       
      PAiN's Avatar
      Join Date
      Oct 2010
      Posts
      17,282
      Post Thanks / Like
      Rep Power
      6128
      Great thread! Very good information here for Android users.
      COC RULES: https://brotherhoodofpain.com/anabolic-ster...e-conduct.html

      e-mail: [email protected]

      >>>WE WILL NEVER EMAIL ABOUT SPONSORSHIP INFORMATION!<<<

    5. ----
    6. #3
      AUSSIE MEMBER
      is keen to train
       
      I am:
      Cocky
       
      Dovysizeon's Avatar
      Join Date
      Dec 2015
      Location
      Australia
      Posts
      285
      Post Thanks / Like
      Rep Power
      3161
      I haven't gone as far as rooting my brand new Samsung S7 due to it voiding the phones warranty and insurance contract but I have deleted both of my google accounts (PC and phone) and disabled everything google related.

      I'm also testing out SSE Universal Encryption App & EDS (Encrypted Data Store). Regardless of encryption; everything sensitive stored on a portable means should be kept at a minimum as people have a tendency to get drunk and lose their phones.

      Both these apps are available from Google Play...



      SSE - Universal Encryption App - Android Apps on Google Play

      EDS - Android Apps on Google Play
      Attached Images Attached Images
      Last edited by Dovysizeon; 04-29-2016 at 10:55 AM.
      !SECURITY IS EVERYONE'S RESPONSIBILITY!
      NEED TO CONTACT ME? PLEASE USE
      PGP ENCRYPTION.
      Link to my public key:
      https://countermail.com/process.php?...Rlcm1haWwuY29t


    7. Thanks PAiN thanked for this post
      Likes PAiN liked this post
    8. ----

    Tags for this Thread

    Bookmarks

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •