Privacy 101: Using Android Without Compromising Security
In this day and age, maintaining your privacy is a perpetual battle, and doing so with an internet-connected device like your smartphone is even more of a struggle. Every website you visit, every app you install, every message you send, and every call you make is a potential vulnerability that could expose you to prying eyes.
When you consider all of the personal information that is stored on your Android device, making some effort to secure your privacy would be the most prudent course of action. With potential intruders such as hackers, stalkers, and even the federal government at the gates, the tips I'll cover below will go a long way towards giving you a little peace of mind.
Every time you make a connection to any website, you're leaving a trail of breadcrumbs that can be traced right back to your smartphone. The site you connected to knows your IP address, your internet provider has records of the connection, and government agencies can gain access to this information with a simple subpoena.
The best way to shore up this vulnerability would be to use a VPN service that encrypts all data traffic, in which case the website never knows your IP and your service provider only sees meaningless encrypted data. These services cost money, of course, but one of the best Android-compatible options is Private Internet Access, which only runs you $39.99 per year.
For older devices, the app should be all you need to get your encrypted VPN all set up. Just log in with your credentials, then press the "Connect" button, and you should be all set.
Devices running newer versions of Android will likely require you to set the VPN up manually. From your phone or tablet's main Settings menu, head to the "VPN" option under "More connection settings," then press the "Add VPN" button at the top of your screen. From here, there's some specific information that you'll have to enter, so if you're using Private Internet Access, see this page for more details.
Once you've entered in the VPN details, press your device's back button once, then choose the "Private Internet Access" option from the list. Next, enter your username and password, press the "Connect" button, and you should be all set. From now on, all internet traffic while you're on Wi-Fi will be fully encrypted, and the VPN will ensure that your IP address is never used to establish a connection.
A module called XPrivacy allows you to restrict the data that apps on your system can access by revoking or spoofing the permissions these apps have. Essentially, this means that you can pick and choose the information on your device that apps are allowed to access.
For more instructions on installing and setting up XPrivacy, check out our full tutorial on the subject.
If you've ever been concerned that someone may be spying on you, or that an app you've installed may be using its access to your camera module in a malicious way, you'll be happy to know that you can selectively disable all access to your camera. An app called CameraBlock can actually block access to your camera altogether at the press of a button, and it doesn't even require root to accomplish this.
Once you've installed the app, head to your phone or tablet's main Settings menu, then search for and select the "Device administrators" menu. From here, enable the "Camera Block Free" option, then press "Activate" on the subsequent popup. At this point, just open Camera Block and press the shield icon to block access to your camera.
From now on, you should see an ongoing notification informing you that your camera is blocked, which means that no app can access your camera sensor to take a picture or record video. If anything tries to access your camera, you'll see a toast message that says "Security policy restricts use of Camera," but if you need to take a quick picture, just tap the ongoing notification to temporarily allow access again.
The following two apps, TextSecure (4) and RedPhone (5), have been folded into one single app called Signal.
Hands down, the best way to prevent other parties from reading your text messages on Android is an app called TextSecure, which encrypts the messages and renders them useless to anyone who doesn't have your unique decryption key. (Note: TextSecure is now branded as Signal.)
Both parties will have to have TextSecure installed to take advantage of its encryption capabilities. Once you and your friend have installed the app and set it up, though, sending messages is just as easy as any other messaging app.
For a walkthrough on getting started with secure text messaging, check out our full setup guide for TextSecure.
The makers of TextSecure have another great app called RedPhone, which allows you to make encrypted phone calls without having to worry about someone listening in. (Note: RedPhone is now branded as Signal, along with TextSecure above.)
Once you've got the app installed, simply register your existing phone number so that all calls you make will use that number on the outbound caller ID. For fully encrypted phone calls, both parties will have to have RedPhone installed on their devices, but if you dial a number that isn't registered, the app will offer to send an install link to the other party.
Lastly, you might want to address the issue of Google being deeply integrated into Android. As you surely know, Google is an advertising company first and foremost, which means they like to collect usage data for targeted ads. If this makes you uncomfortable, be sure to check out our guide on removing Google from your Android experience, which should go a long way towards keeping your data private.
Were you already using any of these privacy-related Android tips, or is this your first time hearing about them? Let us know in the comment section below, or drop us a line on Android Hacks' Facebook or Twitter, or Gadget Hacks' Facebook, Google+, or Twitter.