Securing Mobile: Introduction
Mobile devices - specifically smartphones - are the cutting edge of surveillance technology. They're miniature super computers that live in your pocket everywhere you go. They track your movement, your communications, your content intake, your interests (via the apps you download and sites you visit), and in some cases they even track your health or sleep habits. Most of us use a phone as an alarm clock, right?
It goes much deeper though. Imagine if your phone got lost. Imagine a stranger picking up your phone and checking it. Maybe they're a good person trying to get it back its owner. Maybe they're not. They can see your bank app on the front page, maybe even access your account just by opening it. They can read all your texts and scroll through your pictures. They can even check your web history or map history. Losing your phone is more than an inconvenience, it's a massive personal risk.
How can we minimize this surveillance and maximize our security? The biggest step would be to become less reliant on your phone. Going somewhere you already know? No need for navigation, leave it at home. Going shopping? Take a physical shopping list written on a piece of paper. Using an encrypted messenger like Signal? Use it on desktop.
But try as we might, sometimes our phones are unavoidable. We need them when going to a new or unfamiliar place or while working off-site, etc. So the next best step is to minimize the data collection. In this sub-chapter, I'm going to share settings, apps, and other advice for both iOS and Android that can be changed to maximize your privacy settings.
Before I dive into that, let me answer the age old question: Android vs iOS? Androids are popular in the privacy community because certain models can be flashed with a different operating system, fundamentally altering the phone and reducing data collection. But for this site, I'm going to be discussing the stock, unaltered operating system. In this scenario, I'd recommend the iOS device for one simple reason: superior security. Because iOS devices are manufactured in-house with very little variation between the hardware, pushing out updates is incredibly easy.
Android devices, on the other hand, are made by a wide variety of manufacturers with various different components, meaning every time a new update gets released it must be delivered to the manufacturers first so they make it work with the various devices before pushing it out. (Source) Additionally, the Apple store has a better vetting system for apps. It seems like a few times a month I read a new story about a malicious app (or scores of them) being removed from the Google Play store. Malicious Apple app removal is significantly more rare. Not impossible or unheard of, but much more rare.
I also want to add that I highly discourage you from ever jailbreaking your phone or putting it into developer mode unless you plan to flash a different operating system onto it, in which case you're probably too advanced for this site. Compromising a phone like that disables many of the security features, prevents you from getting security updates, and generally makes you significantly more susceptible to malware. Just play with the settings that are already in the phone.