Android: Difference between revisions

Jump to navigation Jump to search
Content added Content deleted
VisualWikitext
No edit summary
Tags: Visual edit Made through Tor
Line 21: Line 21:
:* The software skin produced by Google for it's Pixel line-up. It tends to have the least amount of difference compared to the source code of the Android itself. However, there are still exclusive features on Pixels.
:* The software skin produced by Google for it's Pixel line-up. It tends to have the least amount of difference compared to the source code of the Android itself. However, there are still exclusive features on Pixels.
* [[One UI/Samsung Experience]]
* [[One UI/Samsung Experience]]

:* Samsung's take on Android. Historically considered a bit ugly, it runs on untold million of Samsung devices in the wild.
:* Samsung's take on Android. Historically considered a bit ugly, it runs on the roughly 956 million Samsung devices in the wild.
* [[EMUI]]
* [[EMUI]]
:* Found on Huawei's phones, this skin is quite divisive. Western nations, particularly USA government, consider it close to [[w:spyware]]. Be that as it may, Huawei phones are very popular in Europe and Asia.
:* Found on Huawei's phones, this skin is quite divisive. Western nations, particularly USA government, consider it close to [[w:spyware]]. Be that as it may, Huawei phones are very popular in Europe and Asia.
Line 37: Line 38:


Starting with the near useless ones, swipe pattern and camera unlock should never be used, by anyone. They have repeatedly been proven to be insecure and easily defeated. It is pretty trivial for a shoulder surfing attacker to see and memorise your swipe pattern, no matter how complicated it is, not to mention that unless you're absolutely overzealous about screen cleanliness, most times you can still see the swipe smudges left by the previous unlocks.<br>
Starting with the near useless ones, swipe pattern and camera unlock should never be used, by anyone. They have repeatedly been proven to be insecure and easily defeated. It is pretty trivial for a shoulder surfing attacker to see and memorise your swipe pattern, no matter how complicated it is, not to mention that unless you're absolutely overzealous about screen cleanliness, most times you can still see the swipe smudges left by the previous unlocks.<br>
Camera unlocks on the other hand are primarily a jump on the bandwagon started by Apple's much better FaceID solution. But, while Apple uses actual 3D face analysis, most Android do simple facial recognition analysis on the front facing camera which is nowhere near secure enough.
Camera unlocks on the other hand are primarily a jump on the bandwagon started by Apple's much better FaceID solution. But, while Apple uses actual 3D face analysis, most Androids do simple facial recognition analysis on the front facing camera which is nowhere near secure enough.


PIN and fingering recognition are much better, but hardly fool proof. Most PINs are simply too short to stand up to serious scrutiny, and fingerprint sensors have reliably been defeated by security researchers.<br>
PIN and fingering recognition are much better, but hardly fool proof. Most PINs are simply too short to stand up to serious scrutiny, and fingerprint sensors have reliably been defeated by security researchers.<br>
Line 63: Line 64:
However, in the interest of compatibility, it is still possible to install those old apps, and they will be granted all permissions they want, even on modern devices.
However, in the interest of compatibility, it is still possible to install those old apps, and they will be granted all permissions they want, even on modern devices.
If you encounter this sort of interface upon installing an app, it'd be wise to cancel it instead as you have no control over the permissions. Not to mention that such old apps are not required to use secure communication via TLS/SSL.
If you encounter this sort of interface upon installing an app, it'd be wise to cancel it instead as you have no control over the permissions. Not to mention that such old apps are not required to use secure communication via TLS/SSL.

At this time, we highly encourage you to pause what you're doing and go review all the current permissions on your device.


== Private DNS ==
== Private DNS ==


From [[w:Android_version_history#Android_9_Pie_(API_28)|version 9 'Pie']] Android supports private DNS using the [[encrypted DNS|DNS over TLS protocol]]. By default Android uses wither the WiFi's DNS server (usually from the [[w:ISP]] of the WiFI) or the mobile provider's DNS server. While this is not necessarily a bad thing, the problem lies in the fact that the DNS requests are completely unprotected and transparent to the network provider or anyone listening in on the network.<br>This [[Concept:Metadata|metadata]], when collected and analysed, grants a deep insight into your personal behaviours and habits. It is, essentially, your browsing history, except in this case you cannot delete it as it is held by a third party.
From [[w:Android_version_history#Android_9_Pie_(API_28)|version 9 'Pie']] Android supports private DNS using the [[encrypted DNS|DNS over TLS protocol]]. By default Android uses either the WiFi's DNS server (usually from the [[w:ISP]] of the WiFI) or the mobile provider's DNS server. While this is not necessarily a bad thing, the problem lies in the fact that the DNS requests are completely unprotected and transparent to the network provider or anyone listening in on the network.<br>This [[Concept:Metadata|metadata]], when collected and analysed, grants a deep insight into your personal behaviours and habits. It is, essentially, your browsing history, except in this case you cannot delete it as it is held by a third party.
To avert this, you can use any private DNS server compatible with DNS over TLS protocol.
To avert this, you can use any private DNS server compatible with DNS over TLS protocol.
=== Set Private DNS ===
=== Set Private DNS ===
Line 74: Line 77:
{{See also|adblocking}}
{{See also|adblocking}}


Additional privacy benefit form Private DNS is using an adblocking and tracker blocking DNS server.<br>
Additional privacy benefit from Private DNS is using an adblocking and tracker blocking DNS server.<br>
While a standard Private DNS server will resolve all DNS requests over an encrypted connection, there are certain servers which will refuse to resolve ads, tracking, malware or other undesired content. The result of this is that when your phone tries to resolve and ad or a request by an app to access a tracker, the server will instead respond saying that this ad or tracker does not exist. This will result in the ad not being loaded and the tracking information not being sent to the tracker.
While a standard Private DNS server will resolve all DNS requests over an encrypted connection, there are certain servers which will refuse to resolve ads, tracking, malware or other undesired content. The result of this is that when your phone tries to resolve and ad or a request by an app to access a tracker, the server will instead respond saying that this ad or tracker does not exist. This will result in the ad not being loaded and the tracking information not being sent to the tracker.


Line 90: Line 93:
This step is actually very easy, although the difficult part comes in when you attempt to get other people to contact you via these privacy preserving options.
This step is actually very easy, although the difficult part comes in when you attempt to get other people to contact you via these privacy preserving options.


If you use [[w:SMS|text messaging aka SMS]] or standard phone calls your communications are transmitted in plain text and are easily visible to your service provider. Depending where you live, your service provider or government may be logging and analysing this information, building a model of your behaviour and building a permanent record which may be used against you in many ways.
If you use [[w:SMS|text messaging aka SMS]] or standard phone calls your communications are transmitted in plain text and are easily visible to your service provider. Depending where you live, your service provider or government may be logging and analysing this information, building a model of your behaviour, and building a permanent record which may be used against you in many ways.
Even if you mainly correspond via apps such as Facebook messenger or WhatsApp, you're hardly any better off. Rather than with your provider, your messages and/or the metadata are now in the hands of big companies such as Facebook who's core business model is to violate your privacy. Those companies are, of course, subject to coercion by government in charge of their servers.
Even if you mainly correspond via apps such as Facebook messenger or WhatsApp, you're hardly any better off. Rather than with your provider, your messages and/or the metadata are now in the hands of big companies such as Facebook who's core business model is to violate your privacy. Those companies are, of course, subject to coercion by government in charge of their servers.


Retrieved from ‘https://privacywiki.xyz/wiki/Android