Android and iOS settings for better security and privacy

The article lists settings to change on Android 14 and iOS 17.

According to the author:

Recommended setting changes reduce the amount of data submitted to device manufacturers, cell carriers, or app developers and improve device security against common threats, such as those posed by nosy people who find the device unattended or by common malware.

By enabling all of these settings, you are significantly reducing the amount of tracking and data collection these devices perform, but keep in mind that you are not completely eliminating it.

smeg,

Looks like a good “best practices” sort of list. Would be nice if there was a bit more explanation as to why some of them are recommended (just because it’s good to understand why you’re disabling something rather than blindly following a guide), but still good!

awwwyissss,

Agreed. Disable 2G? Why? That might cost me connectivity in some places and I won’t remember to turn it back on.

smeg,

To add to that other (much more in-depth) comment, I remember reading on the GrapheneOS FAQs that disabling everything you’re not actively using will generally improve security as you’re reducing the number of potential ways for an attacker to get in (phrases like “attack vectors” and “surface area” were used).

On a separate note I didn’t even know 2G towers were still active anywhere; they’re shutting down the 3G ones here!

ForgottenFlux,

I’m not the writer of the article, but here’s an answer you can find on running a quick search.

According to this article from the Electronic Frontier Foundation (EFF):

What is 2G and why is it vulnerable?

2G is the second generation of mobile communications, created in 1991. It’s an old technology that at the time did not consider certain risk scenarios to protect its users. As years have gone, many vulnerabilities have been discovered in 2G and it’s companion SS7.

The primary problem with 2G stems from two facts. First, it uses weak encryption between the tower and device that can be cracked in real time by an attacker to intercept calls or text messages. In fact, the attacker can do this passively without ever transmitting a single packet. The second problem with 2G is that there is no authentication of the tower to the phone, which means that anyone can seamlessly impersonate a real 2G tower and your phone will never be the wiser.

Cell-site simulators sometimes work this way. They can exploit security flaws in 2G in order to intercept your communications. Even though many of the security flaws in 2G have been fixed in 4G, more advanced cell-site simulators can take advantage of remaining flaws to downgrade your connection to 2G, making your phone susceptible to the above attacks. This makes every user vulnerable—from journalists and activists to medical professionals, government officials, and law enforcement.

awwwyissss,

I appreciate that, thanks 🙏🏻 now I’m considering disabling 2G.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • privacyguides@lemmy.one
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #