Setting aside the tin foil hat and paranoia jokes, no one likes being tracked or their private text messages being scraped up by the U.S. government’s massive computers, nor their phone metadata being logged, nor even the possibility of someone being able to listen in or record your phone calls (the NSA denies they listen to calls, but others with even FEWER ethics CAN).
Here’s what you can do to protect yourself on your Android SmartPhone
Encrypt your text messages. There are 2 good options:
Install the TextSecure app. This app will automatically detect which of your contacts also has this app installed and will automatically encrypt your SMS text messages with those individuals. TextSecure is available on iOS too! This means you can have encrypted texting sessions with both iOS and Android users!
Root your phone and install CyanogenMod 11 (or higher). CM 11 has built-in support for TextSecure encryption, coded directly INTO the Operating System. This means, you don’t have to install the TextSecure app. Automatically, ALL SMS apps on your phone suddenly support TextSecure encryption. But, you have to turn it on. The feature is called “WhisperPush”. Simply find the WhisperPush app on your phone, run it, and follow the instructions. It’s the simplest setup you’ll ever experience.
Encrypt your voice phone calls (yes, you can do that)
This used to be stuff of only fiction in spy movies, but it’s a reality today and YOU can do it within minutes of reading this article. First, install the app RedPhone from the Google Play Store. This app is made by the same people that make TextSecure. Both you and the person you’re calling (or receiving a call from) have to be using this in order to have a secure, encrypted phone call. When you install the app, the first time you run it, it’ll ask you to register your phone number. Now, anyone else with the app, when they call you’re number, the app knows you have it and will offer the caller the option to make the phone call encrypted. Note that this uses your DATA connection and NOT your phone connection. You’re not actually making an actual phone call. It’s more of an internet audio chat. But you don’t need to know that other than if you have a data cap, this will use your data. As far as you and the other caller are concerned, for all practical purposes, it’s a phone call. But your carrier will have no record of it AND anyone trying to listen in will only see a stream of random bytes streaming. It’s totally encrypted… just like in the spy movies!
Encrypt your E-Mail
This is a bit more difficult. I’ll provide another article on how to do this. The short version is you need to install djigzo from the Google Play store to manage your keys. Then you’ll need an e-mail client that can use those keys to encrypt and decrypt your e-mail. K-9 Mail is supposedly one of those apps. For the record, I’ve NEVER gotten this to work.
Encrypt your phone
Android can encrypt your entire phone. Don’t confuse yourself. This does NOT encrypt ANY internet traffic to or from your phone. It encrypts the files on the phone itself.
Go to Seetings –> Security –> Encrypt Phone
Warning! This can take an hour or so! Make sure your phone is plugged in AND has at least an 80% charge. You do NOT want this failing in the middle of it. It will also require you to set a lock screen PIN or password, if you don’t already have one. Once you do this, you CANNOT flash anymore ROMs on your phone (if you’re rooted). So, make sure you’re good to go with the ROM you have.
Add a PIN or password to your phone
This one is obvious. You need to set a PIN or a Password on your lock screen, otherwise, anyone can use your phone and see your data.
Add extra PIN for individual apps
Install the app AppLock from the Google Play store. Open it up and set your settings. You’ll set a PIN and you’ll select the apps you want to have an extra layer of protection. Hint: DO NOT use the SAME PIN here that you’re using for your phone lock screen.
This app will pop up a PIN prompt whenever someone tries to open one of your extra protected apps. For example, you may want to enable your backing apps and credit card apps via AppLock so that you have to know that extra PIN in order to lauch them. This way, if you let someone borrow your phone, they can’t go snooping into your financial data.
Hide apps and/or files on your phone
Maybe you have some apps that you don’t want other people to know or use. Go to the Google Play store and download an app called Hide It Pro. When you install it, it’ll show up on your phone as “Audio Manager”. It’s deliberately deceptive. The purpose of this app is to hide apps and/or files on your phone. You protect them with a password of your choosing. If someone’s snooping around on your phone, all they’ll see for this app is a music icon with a label, “Audio Manager”. And if they launch it, it’ll even have working audio controls. Those controls are totally for faking out people snooping on your phone. Long press on the app title at the top of the screen (inside the app) and you’ll be prompted for a password, which then takes you into the real app where you can select apps and files to hide. They won’t even show up anywhere on the phone with the regular phone interface.
Hide your browsing and internet traffic
Your ISP can see all the sites you go to, and so can the NSA, and so can anyone else snooping on your wireless connection (or even your wired connection). And websites know what IP address you’re using, which means they can ask the ISP that own’s that IP address who is using it, and they’ll give them your name, address, and phone number. What you need is something that bounces your web page requests to random computers all over the world. Yes, this is exactly what you see “hackers” doing in hi-tech spy movies and YOU can do it too… VERY EASILY. Install the app Orbot on your phone. Follow the directions. It’s super simple. If your phone is rooted, it can obfuscate ALL of your internet traffic. If your phone is NOT rooted, it can work with a few apps on your phone (web browser and e-mail, in particular) and bounce all your traffic from those supported apps all around the world. It’ll slow down your connection a little, but it’ll also protect you against nosy, 3 letter acronyms including ISPs.
See these images?
You’ll find an actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.
Check back later for updates too!