Here’s how to fix it.
[This post originally appeared on Medium: https://medium.com/honeyminer/your-mobile-security-is-terrible-d78dca959648]
Personal digital security has become a hot topic lately — especially within cryptocurrency community. As you earn Bitcoin using Honeyminer it is important to take your new security needs into consideration as you now have total ownership of a scarce and valuable digital commodity.
In part one of our three part series on OPSEC, will teach you how to improve the security on your mobile device while protecting your privacy.
The three parts will include:
Part 1: Securing your Android Mobile Device’s Hardware
Part 2: Using Applications to Protect Your Data and Privacy on a Mobile Device
Part 3: Protecting Cryptocurrencies on Samsung’s new Galaxy line of Mobile Devices
The objective is to teach everyday users simple steps to take to better protect themselves from outside breaches, corporate data mining, and violations of privacy. We hope you find this article informative and helpful.
The information below is intended for educational purposes only, to teach you a bit about securing your phone’s hardware and any cryptocurrencies you store there.
Part 1: Securing your Android Mobile Device’s Hardware
The first and arguably most important factor in phone security is choosing the right hardware. For most people they think this is an easy answer, and they head on over to their local Apple store and pick up the newest iPhone. Out of the box, a stock iPhone is more secure than a stock Android phone, but this is only true if you trust Apple with your data, which I do not recommend . If you are looking for simple low level security the iPhone is better than most.
However, if you want to take privacy protection and mobile phone opsec to the next level, I suggest you pick a Samsung Galaxy S8 or newer phone. (S8+, Note 8, S9, S9+, Note 9). I will go into exhaustive detail as to why those specific phones are the best for security in Part 3 of this series. In this piece we will focus on how to optimize security for most Android phones’ hardware.
Once you have picked out your device there are a few steps you can take to better secure your phone no matter what make or model you own.
Encrypting your Device should be a no brainer for most users. You should ALWAYS encrypt your device. In older phones you can turn this feature on in your security settings. In the past many users avoided turning this feature on because it would slow down their device. With today’s more powerful hardware encryption should not cause any noticeable degradation in performance. For this reason many new phones come with internal storage encrypted by default.
Another lesser known feature users should turn on is boot encryption. Most Android phones call it Secure Startup and it can be found on new Samsung phones under Settings > Bio-metrics and Security > Secure Start Up.
This requires you to enter a pin before the phone will boot into the OS. This means that even the OS is encrypted during boot, which generally makes the phone harder to hack because any known vulnerabilities in the OS can’t be exploited while it’s locked pre-boot. This is very similar to enabling a boot password from your motherboard BIOS on a custom built PC.
Locking your Device With a Password/Fingerprint and Trusted Device
We all know having a password on your lock screen can help secure your device. Most new phones offer you a multitude of ways to set this up, Pin, Pattern, Password, Fingerprint, Iris, and Face Unlock. I recommend using a Password over a PIN. You can combine the password with a Fingerprint if you need quicker access.
Note: Law Enforcement officers are allowed to force you to unlock your phone via fingerprint; however passwords are still protected by the Fourth and Fifth amendments, which protect against unreasonable search and seizure and self-incrimination. (For more information click here).
In my opinion a 4 digit PIN number is not long enough or complex enough to secure your device. One of the biggest weaknesses of a PIN/Pattern access is the smudges you leave on your screen after typing it in. I have seen many phones easily unlocked just by looking for these smudges on the screen and guessing at the password. (For more information see: Smartphone smudges can reveal password, study finds). For this reason I recommend at least an 8 digit password that combines letters, symbols, and numbers. I know what you are thinking already, “Who wants to type in a complex password each time they check their phone?”. This is why setting up a fingerprint is an option. On most new phones the fingerprint reader is quick, accurate, and difficult to trick. I recommend using the fingerprint over Iris/Face Unlock because I am not a fan of having a detailed 3D model of my iris or my face uploaded into a database. From my understanding Face ID is easier to fake.
Even though the fingerprint scanner is fast, I know there are still some of you who don’t even want to deal with that delay. There are other options for these users — like Android Smart Lock with Trusted Devices. It may be the most underrated features of owning a Smart Watch. If you have a Bluetooth device of any kind that your carry with you and is always connect to your device you have the ability to set it up as a Trusted Device.
Trusted Devices will keep your phone unlocked as long as they are connected via Bluetooth. The reason a smart watch works so well is that it is always near your phone when you need it. If you leave your phone somewhere as soon as you are out of range (10–100m depending on the class of bluetooth), the device will become locked. This also comes in handy if you ever need to lock your phone while someone else is holding it. All you have to do is turn off Bluetooth or power off your watch and your phone will lock.
Moving on: External Micro SD Card Support
This final tip is the main hardware advantage most Android users have over an iPhones. Having an External Secure Digital Card (EXSD) support is a huge advantage for personal security, and I’ll tell you why below.
- Storage CapacityOn a Samsung Note 9 you can have 500GB+ of internal storage by inserting an EXSD. This can help remove the need to use cloud storage or streaming services that can compromise the security of your data usage for various reasons.
2. Backup Storage
How many times has your phone died? I’m talking smashed to pieces, run over by a truck, drowned in a pool, etc. How have you gotten your data back? Most likely by pulling it from the cloud, taking your phone to the Apple store, or just giving up and losing it all and starting over. If you had made a backup up of your phone to your EXSD all you would have to do is pull the card out and put it in a new phone. This can easily be done with Samsung Smart Switch on any new Samsung device. (How can I backup my data to SD card using Smart Switch Mobile?)
3. Removable Storage
The final and most critical benefit of having an EXSD is the ability to remove it from your device. For instance if you are going to be traveling abroad and will be subject to a device search, you can simply pop out the EXSD card before you fly and put it in a different bag or in your wallet. As long as any apps or files you want to keep private are correctly installed or stored on the EXSD, they will not be a part of the search. This for instance could include any mobile wallets, or exchanges you store your Honeyminer profits on. It is also a great place to keep a backup copy of your ID, Passport, and Credit Cards while traveling.
The above information was intended for educational purposes, to teach you a bit about securing your phone’s hardware and any cryptocurrencies you store there. Part 2 of the series will be coming out soon and will focus on specific applications to use that will protect your communications, usage data, and cryptocurrency wallets/exchanges.
If you have any questions or want to join the active community please:
Follow on Twitter
Follow the Instagram
Join the Telegram Group
Subscribe to Honeyminer Reddit
Thanks again and as always #GetThatHoney🍯⛏