1. wbsrlnyt's Avatar
    Obviously there are a lot of privacy issues when using a phone that syncs to Google's services. Details of the upcoming privacy policy can be found here. Beyond that there are also issues with phone manufacturers putting software on your phone such as a Carrier IQ. Individual apps also come with their own privacy concerns. There's also the problem of all of your network traffic being unencrypted. Hackers could steal sensitive information from you. Advertisers are building profiles about you. And your phone service or manufacturer may be tracking you.

    I would like this thread to be about some ways to improve on privacy on the Android for those who are concerned about it. Obviously many don't have problems with some of Google's services. If that's true for you then this thread is probably not for you.

    Here are a few simple things I'd like to highlight that may help the privacy-concerned Android user. Please add more to this thread with your replies!

    System Security

    Remove Carrier IQ

    There was a lot of news recently about this hidden software on your phone that can track you. One solution to removing it is using a custom ROM like Cyanogenmod. That's beyond the scope of this post, so search the forums. Here's an article more about Carrier IQ, how to see if your phone has it, and how to remove it in other ways.

    Web Browsing

    Use DuckDuckGo for Your Search Engine

    Obviously Google is the default search engine on Android. For those who feel uncomfortable with how Google tracks you and compiles information on your searches, an alternative is DuckDuckGo. They have an app available. The site also are accessible in your mobile browser at DuckDuckGo. Check out the links on the bottom of the left of their page on how they don't track you or bubble you. The Android app comes with a widget that is similar to Google's widget, but really it has the same functionality as just using the 1x1 icon.

    Use Opera for Browsing the Web

    Some browsers like Dolphin collect lots of information about you as your browse (see Dolphin's privacy policy). If you're uncomfortable with that, Opera's mobile browser is a good alternative. Their policy states that "Opera Software has taken much care in the development process so that user privacy and security are not compromised. No personal information is collected or shared. The Opera user’s Web usage is not tracked." Plus, Opera is just a good browser.

    Also, you can change the default search engine in Opera to duckduckgo. Go to duckduckgo.com in Opera. Long-click in the search box and it should give you the option. Just make sure you select it when you use the search engine.

    Surf Anonymously on Tor Network

    Use Orbot to connect to the internet through Tor. More information on Tor can be found here. If you have a rooted device, you can easily send all traffic through Tor. If your device is not rooted, the app works with some Orweb to help you browse anonymously.

    Use https

    Use https whenever possible when surfing the web. I do not currently know of any way to automatically do this for the android. Just manually type in https:// when visiting a site. Not all sites support it, so it won't always be possible to use.

    E-mail

    Get a Private E-mail Provider

    By default many just use Gmail. It is simple. But, if you don't like using Google's services for privacy reasons, there are alternatives. One is Lavabit. It definitely doesn't have a full featured webmail page like Gmail. But, you should check out their privacy policy here. You would need to use the default Email app to setup IMAP or POP3 email. IMAP is probably the better solution (duckduckgo that). K-9 mail is a good IMAP/POP app with more features than the stock E-mail app (see below). There are probably many more private e-mail services out there. Please feel free to list and discuss!

    Encrypt E-mail

    Use K-9 Mail and AGP to encrypt your e-mail messages.

    Also, make sure you are using a secure connection between your device and your e-mail servers (SSL/TLS). Your e-mail provider should have instructions on how to set this up.

    Other

    Don't Sync Calendar

    The calendar app on Android automatically syncs with Google Calendar. You might not like that! Many other calendar apps are just different frontends to the same Google Calendar. So far the only thing I have been able to think of is just disable sync for calendar. Then you will be able to just have a local calendar on your phone. The only downfall is that there's no backup. But, if you have your phone with you all the time anyway it works. I would love to find out how to sync my Android calendar with something like Mozilla Thunderbird/Sunbird without having to cross through Google's Calendar service.

    Use a Different Maps App

    Alternatives to the default Maps app include Bing and Mapquest. Both are not that much better than Google as far as privacy (they are Microsoft and AOL). But, you don't have to log in to your Google account (or any other account) to use either one of them, so there's a little bit more space between some information.

    Use a Different Market

    Use an alternative market such as Amazon Appstore (privacy policy). You still have to give up some information. I mean, you are making purchases. But, it won't be tied to your Google account at least.

    Encrypt SMS

    Use TextSecure to encrypt your SMS!

    Encrypt IM

    Use Gibberbot to encrypt all your IM's. More information can be found here. You can use your Gmail address with this client (it uses XMPP protocol). There are several other services that also use this (such as Lavabit).

    Now I would love to hear of some other suggestions on how to enhance the privacy of your Android phone! I'll be adding more to this post later!
    Cellmeister likes this.
    01-28-2012 06:56 PM
  2. wbsrlnyt's Avatar
    Added some info about apps that help you encrypt sms and e-mail!
    02-07-2012 10:51 PM
  3. wbsrlnyt's Avatar
    Added some info on apps that help you encrypt IM and use Tor network.
    02-15-2012 07:09 PM
  4. Rukbat's Avatar
    I think one of the easiest things to do is to learn what is poor security and what isn't. While you may feel violated by a tracking cookie, it's not a breach of security. The fact that there's a file on your phone that lists where the phone's browser has been - with no owner, email address or phone number information in the file - may help Google aim ads at you, but you shouldn't care.

    I'd be concerned that anyone - even the owner of the email server - could read my emails, so if I wanted to use my phone to handle sensitive emails I'd use my own server, not Google's, not Lavabit, not anyone's.
    bl1ngirl likes this.
    02-18-2012 11:17 PM
  5. bl1ngirl's Avatar
    That is a perspective I hadn't really considered before, thanks! That being said, If I just bought my first Android device (samsung note att), and had not set it up/or linked with any Gmail account yet; what would you suggest the first step I should take to maximize privacy? Obviously set up a new Gmail account and not link it with my own.... What else? (note: I have already had the att&t guy import my contacts from old iPhone, so I might have already blown it).
    08-18-2012 07:12 AM
LINK TO POST COPIED TO CLIPBOARD