Hello Explicit Facter!
Welcome to explicitfacts.com! A place where ignited minds come to get inspired!
If you have not subscribed to our website, then you are missing out.
With the advancement of technology and increased competition between smartphone manufacturing companies, nowadays it has become very cheap and also the need of the hour.
With the usage of smartphones, every day comes the requirement to ensure that it’s not hacked and safe to use.
So, without wasting any more time, let’s dive into the topic.
Smartphone hacking is a lucrative business.
So lucrative… In fact, there are multi-million dollar companies, that are buying software vulnerabilities from security researchers and reselling them to anyone interested in exploiting them.
It’s not because hacking into smartphones is easy.
It’s because it’s so worth it.
Your phone is an inseparable part of you.
It’s a digital book of your life with so much detail, unlike anything before it.
Access to your phone is access into your mind.
Your phone isn’t just a gadget.
Your phone is you.
You’re a cyborg.
This digital security tutorial is focused on the security of the mobile operating system.
Our thread model focuses on a general user, who faces the most common threats from low resource targeted attacks and spray-and-pray fraud scam attacks.
The third type of attack is an advanced persistent threat, which is mostly a state-sponsored adversary, who requires dedicated to extraordinary knowledge of your adversary’s capabilities.
We will cover this level of protection in our future articles, but if your life depends on strong security, seek immediate advice from a professional.
The least we can tell you for now is that smartphones openly broadcast so much data and such complicated pieces of technology, that it is impossible to use them securely in these situations.
The purpose of security isn’t to make an impenetrable device that’s impossible, the goal of security is to exhaust the resources of your adversaries to the point they lose interest or run out of resources to bridge your security and just to give you a clarification, this is a security tutorial, not a privacy tutorial.
The concepts of privacy and security sometimes overlap, but they are different.
So some steps listed here will favour security at the expense of privacy.
Least start with the easiest one.
This one is probably enabled by default, but to double, check search for encrypt device in your App Settings and follow instructions on the screen.
With older Android devices you should have your device charged and plugged in during encryption which may take up to several hours.
Make sure you use either a strong alphanumeric passcode or a pin that’s at least six digits’ long.
You should also set your device to erase all the data on your phone after too many wrong attempts this protects your device against brute-force attacks when somebody gets physical access, but don’t have false expectations about what device encryption can and can’t protect your data from.
Encrypting your phone does not protect you from malware or remote exploitation.
Device encryption only protects your phone if you lose it or someone steals it from you.
If whoever with physical access into your phone has enough time and resources they could bypass the encryption.
In this scenario both Android and iOS, give you an option to remotely wipe your phone if you fear somebody can access your data.
If you want this functionality turn on ‘Find my device’ and in the disaster scenario wipe it from your Google account or Apple ID.
Be aware that this will not erase your SD card so any content on there might be vulnerable.
Find my device will only erase your data when your phone is on and it’s connected to Wi-Fi or cellular network.
Enable 2FA on your Google account or Apple ID. This might be invisible to you but your phone is connected to your Google account or Apple ID and does is only as secure as your online accounts.
Secure them with strong passwords and second-factor authentication.
for 2FA use an app that generates 1-time passwords.
Good ones are off the Google Authenticator and OTP or free OTP.
You should also have a backup authentication in case you lose your phone.
The best option is to go for a USB security token.
These cost a little bit of money but it is worth it, get a Yubikey or Nitro key they’re both very good.
If you don’t want to spend money, you can generate recovery codes and write them down somewhere in a secure location.
When it comes to your password, make a long and easily memorable pass-phrase or generate a strong and unique password with a password manager.
Remember to store backups of your passwords outside of the phone in case you lose it.
Set your updates to be downloaded and installed automatically.
Most all of the hacks in existence happen because of bad passwords and outdated software. Hackers share known software vulnerabilities on forums and they rely on the fact they have more than 50% chance to hit a device with outdated software.
A lot of malware doesn’t stay on your phone after reboot. So, make it a habit to reboot your phone often.
It’s also good for your mental health to not leave your phone on all the time.
So learn to switch off.
Application Firewall, don’t do anything on your phone without an application firewall.
Mobile apps require tons of unnecessary permissions and there are loads of malicious apps floating around on app stores that will steal your data at the moment you install them.
This can be prevented to a large extent by having a good firewall.
The best free and open-source option is Netguard for Android and Lockdown for iOS.
You can use app firewalls in two ways.
You either review your apps and blacklist network access to them individually. This is called a blacklist mode.
Or and we would recommend to go for this one, you can automatically block network access to all of your apps and only allow the ones that truly need it.
this is called a white-list mode.
Apps have the easiest access to your data, so be minimalist and review the permissions you give them properly.
Apps can’t do much except for what you allow them.
some apps request a lot of permissions and can still work fine if you revoke them.
Keep your app counts to a minimum only keep apps that you use and uninstall apps you no longer need.
The more apps you have the more exposed to software vulnerabilities you are.
Hackers are thriving on exploiting these software vulnerabilities, many of which don’t get patched for a month or years.
For convenient security, do not download or install apps from outside of the official app stores.
Apps in these repositories are cryptographically signed by developers and platforms which ensures the authenticity of the apps.
On Android disable the option to install from unofficial sources in case you have it enabled.
Make it a habit to disable Wi-Fi and Bluetooth, when you’re not using them.
You should also disable the automatic connection because hackers can easily set up a malicious network and if your phone connects to it your device and data is in their hands.
You should be aware of every network connection your phone makes.
Public Wi-Fi is evil.
Use a VPN or tor to hide your traffic when connected to an open network.
Courtesy – Youtube
Most VPNs are evil – and good options are often paid so, so Nord VPN is a more convenient option.
With Nord VPN celebrating their birthday, as loyal followers of Explicit Facts, we offer you a 70% discount on all subscriptions. To find more click on the banner mentioned below.
On Android, you can run tor system-wide with Orbitz.
Best onion browsers are tor for Android on Android and onion browser on iOS.
We will NEVER recommend a free VPN, as they have only offered a few servers in the USA, Netherlands, and Japan and the speed might not be up there it may be transmitting your data openly on a public network.
If you want to go snow den crazy disable Wi-Fi completely and only use an Ethernet cable to connect to your home network.
This way you can prevent hackers from tricking your phone into connecting to their malicious Wi-Fi hotspots.
If you’re using backups or syncing, make sure they are encrypted as well.
Cloud backups are oftentimes an easy target to steal your private data.
Secure your accounts with 2FA.
If you use Google Drive or iCloud, your cloud backups use the same 2FA as your remained Google account or Apple ID connected to your phone.
If you decide to trust your default providers, you’re not in control of the security of your data.
Apple holds all decryption keys and they can access your data in the iCloud anytime they want and I think only you should be able to decrypt your data.
Crypto matter allows you to create encrypted vaults and automatically sync your secure backups to the cloud service of your choice.
If you don’t pay for the service, you are the product so I would recommend going for the next cloud you can get between two to five gigabytes of cloud storage for free but it might not be enough for those of you taking plenty of high-resolution photos.
But the next cloud is free and open-source and many providers even offer instant encryption.
So this is the cloud service that you should go for.
Browsers are dangerous.
They’re like an operating system within an operating system.
Browsers run every code from any website without any rigorous verification.
You should keep your browser usage to an absolute necessity.
If you have to use a browser, follow these steps: –
The best mobile browser in terms of security and privacy is Bromide. Bromide supports and blocking natively as it can use your block origin. Make sure you set it to encrypt your DNS queries. It has some privacy and security enhancements from other projects like brave or graphene OS.
Install HTTPS everywhere and set it to block all unencrypted traffic.
On iOS, we would recommend a Brave browser or stick to Google Chrome.
If privacy is a bigger concern than security use Firefox focus or DuckDuckGo privacy browser.
Increasing your privacy can also improve your security.
Opt-out of personalized advertising.
If it’s important to your disabled location services and activity.
The disabling location will break find my device, but it will improve your privacy.
It’s up to you to decide whether you think you are more likely to have your phone stolen by someone, who has enough resources to back has its encryption, then you are worried about Apple and Google tracking your location.
We would recommend to not keep any sensitive data on your phone and delete everything periodically. That way you don’t have to worry that much about the physical security of your phone and you can disable location services also known as Stalkerware.
Speaking of Stalkerware for some reason there is an emergence of idiots spying on other people.
If you have a moronic spouse, employer parent or friend they might have installed so-called Stalkerware on your phone.
Stalkerware is a commercial spyware someone intentionally installs on your phone.
The app then installs additional spying tools that track your activity and send it to the stalker.
The stalker then deletes the main app and the remaining spying tools will continue the work completely hidden you will never notice anything is going on your phone.
If you suspect, you might be followed.
The fastest and most certain option is to factory reset your device.
Search for factory reset in your Settings app and follow the instructions on the screen.
Make sure you backup your data first because this will delete everything.
After that never leave your phone unattended.
Even if it’s locked your spouse might learn your PIN or passcode through close by observation.
The best move is to just shoot your stalker because those who are actually doing this are just wasting oxygen
Following these basic security steps protects you against the majority of threats with minimal effort.
We at Explicit Facts want our followers to stay safe with mental peace and zero impact through the enhanced knowledge base.
So, stay safe and keep reading our articles.
Also, “Like” and “Subscribe” to our website, so that you never miss our future articles. We keep updating them on regular intervals to ensure that you get to know the “Explicit Facts of Life”.
If you like this content, then please “Share” it with your family and friends. Sharing is Caring.
Team Explicit Facts has also compiled soem great articles like Why Do We Need To Protect Our Online Privacy and Best Tricks to Protectec Online Privacy (Part 1 and Part 2). Now before, you leave our website, we are curious.
Do you agree with our article?
Do you have more suggestion for us to include in this article.
Share your story with us in the comment section below…. we will be right there with you.
#explicitffacts #explicit_facts #explicit-facts #smartphonesecurity #onlineprivacy #nordvpn #vpn #technology #encryption #smartphones #bravebrowser