Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Android Privacy Guide

No description

Pavol Luptak

on 21 June 2013

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Android Privacy Guide

Android Privacy Guide
Why choose Android when you care about your privacy
Encrypted storage
Android >=3.0 supports native full disk encryption
other alternatives are Luks encryption, Cryptonite
encrypt your root filesystem including all your external SD cards and your Titanium backups!
Encrypted communication II
Email encryption
Let's talk about...
Why choose Android?
Encrypted storage
Encrypted communication
Privacy-aware searching
Anonymization techniques
Other privacy recommendations

It is open source - easily and completely auditable what is crucial for security (iOS, Blackberry, Windows Mobile are proprietary closed-source platforms) - you know there isn't anything hidden that might violate your privacy (e.g. Carrier IQ)
There is a "privacy-aware" Android distribution - Cyanogenmod that has removed any Google spying functionality, incognito mode, torification etc.
It supports all advanced Linux security features (e.g. SELinux, Truecrypt full disk encryption, etc.)
Why Yes:
Why Not:
iOS marketplace is more conservative, it may contain less malware/trojans
Full disk encryption
Application-specific encryption
at least AES256 storage for your sensitive information (credit card numbers, credentials, private keys, etc)
B-Folders, KeePassDroid, NoteCipher
PGP encryption based on APG (K9 Mail, Kaiten Mail, r2mail2)
S/MIME encryption (r2mail2)
Instant chat encryption
based on OTR or PGP
Gibberbot (quite unstable), IM+ Pro with OTR plugin
Voice encryption
based on ZRTP protocol and SIP/TLS
CSipSimple (can be used with Ostel.me), RedPhone
Acrobits Softphone with ZRTP outgoing module (or Groundwire)
Anonymization techniques
Outgoing connection / browsing anonymization
based on Tor, torification of all outgoing connections from smartphone is possible
Orbot and Orweb v2, AdBlockPlus Firefox plugin
Payment transactions
based on Bitcoins
Bitcoin Wallet
Other privacy recommendations
Use trustworthy software
Always check application's permission during installation
Use applications from official Android Market only
Use antivirus and firewall (DroidWall), Network Log
Privacy-aware searching
Use DuckDuckgo.com instead of Google!
Avoid using social networks
They have usually access to all your sensitive informations stored on your smartphone
Use trustworthy tracking / wiping software
With the possibility of "remote wipe" and "remote lock"
Secure wipe InTheClear
Face obscure
Avoid using banking applications
Google is not a privacy-aware search engine, it tracks everything about you!
Disable Geolocation services
If you don't use them
Care about your privacy - privacy intrusions by 3rd parties (government, corporations, your competitors) will be more likely in the future
You are already tracked (by data retention law, all social networks, Google) and can be easily monitored (by any secret or other government agencies)
The Internet is a permanent storage - some your sensitive data may be never erased when they are leaked
Thanks for your attention!
Contact me!
Encrypted communication I.
NCP VPN client, Droid VPN, Tigervpns VPN, VPNCilla, strongSwan VPN client
SSH tunnels
Encrypted communication III.
There are some cool crypto Android applications, but they are proprietary with no source code:
Acrobits Softphone
Can we trust them?
Encrypted SMS messages
TextSecure (Android only)
Full transcript