Dec 2, 2013
Running a Samsung Note 8 GT-N5110 rooted with the SlimKat 4.4.4 build 9 official ROM and the 3.0.64 SlimKat g99xx kernel. The tablet is encrypted, running AFWall+ to control connectivity, OS Monitor to look at what's going on, along with Network Log to try to attain some Wireshark functionality to see what is talking. SuperSU controls root access. Browser is Lightning and mail is K9. I do not have GApps or any of the Google framework installed and get nothing from the Play Store, rather getting most apps from F-Droid. The tablet is also using ART rather than the Dalvik runtime. iptables is the firewall backend and init.d is supposed to control what happens at boot. The tablet also has Kaspersky AV installed, updated and used regularly.

My background is Unix/Linux and some system administration, so my approach to security is probably more granular, something I am finding difficult in Android even given that the underlying OS is more or less Linux. My objective is to create as secure an OS as is reasonably possible given inherent OS and HW constraints. Ultimately what I want to use the tablet for is to access my secure e-mail account (not Gmail), provided... that I can gain some degree of comfort with what goes on behind the GUI and my ability to control and monitor it. Personally I think anyone trusting sensitive or personal info to an OS without these controls is begging to be PWNED.

My concern is the number of connections when browsing. At times there will be 30 connections open. Snooping the destination IPs, many are to Google, others to various places in various parts of the world. The AFWall+ front end/iptables backend for the most part APPEARS to pretty effectively control what gets to connect. But one wonders why so many connections and what they are saying... and why, for example, I occasionally will have a connection from "System" to somewhere in Ukraine...

I read earlier the thread about the stock Android browser having some security/privacy problems. I am also familiar with the other browsers mentioned in the article, i.e. Dolphin and Fireweasel most notably. My question is how to lock the system down to avoid between 20 and 30 connections when browsing. Trying to do it with iptables would be a nightmare. What worries me of course is leakage of private information. Any suggestions or comments would be very much appreciated.
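
An added example, not part of the original post: attributing each established TCP connection to the UID that owns it, which is the view needed to tell whether the browser, another app or the "system" UID opened a given connection. It parses a constructed IPv4 sample in the kernel's `/proc/net/tcp` layout; the function names and sample rows are illustrative assumptions.

```python
import socket
import struct
from collections import defaultdict

# Constructed sample in /proc/net/tcp layout; addresses are documentation ranges.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1101 1
   1: 0A00A8C0:9C40 0A6433C6:01BB 01 00000000:00000000 00:00000000 00000000 10057        0 2201 1
   2: 0A00A8C0:9C42 0A6433C6:01BB 01 00000000:00000000 00:00000000 00000000 10057        0 2202 1
   3: 0A00A8C0:9C44 227100CB:0050 01 00000000:00000000 00:00000000 00000000  1000        0 2303 1
   4: 0A00A8C0:9C46 227100CB:01BB 06 00000000:00000000 00:00000000 00000000     0        0    0 3
"""

ESTABLISHED = "01"  # TCP state code used in /proc/net/tcp


def decode_endpoint(field):
    """Turn '0A6433C6:01BB' into ('198.51.100.10', 443) (little-endian kernel)."""
    addr_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return ip, int(port_hex, 16)


def owner_label(uid):
    """Android UID ranges: 1000 is 'system', installed apps start at 10000."""
    if uid == 1000:
        return "system"
    return "app" if uid >= 10000 else "core"


def established_by_uid(text):
    """Map owning UID -> sorted list of distinct remote (ip, port) pairs."""
    remotes = defaultdict(set)
    for line in text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 8 or cols[3] != ESTABLISHED:
            continue  # ignore LISTEN, TIME_WAIT and malformed rows
        remotes[int(cols[7])].add(decode_endpoint(cols[2]))
    return {uid: sorted(eps) for uid, eps in remotes.items()}


if __name__ == "__main__":
    for uid, eps in sorted(established_by_uid(SAMPLE).items()):
        for ip, port in eps:
            print(f"uid={uid:<6} ({owner_label(uid)}) -> {ip}:{port}")
```

Repeated connections from one UID to the same endpoint collapse into a single entry, so a browser's parallel sockets to one host show up once.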



