2) Hardening Android OS

There is a number of custom ROMs providing enhanced security features. All have in common that Google apps have to be installed separately if needed. The most popular is CyanogenMod, which comes with a fancy installer and works on a lot of devices. Replicant OS is focused on privacy and freedom, installs straightforward but works only on few devices yet.

But even a standard Android gives you a lot of options to improve security and privacy. Additionally, there are built-in apps and services which you better deactivate. We have compiled a list of settings that you can check out on woerter.de/android.

We tested this configuration on several devices running Android 4.3 with good results. Of course we can’t guarantee you that you won’t run into problems – we would be glad to hear your feedback. And you will lose a little convenience – for example, you’ll have to turn on GPS when you need it and you won’t have word suggestions when typing. But if you’re not happy with it, just revert to your old settings.

Recommended Androids privacy settings

WARNING: Please make notes on your previous settings. Should you experience unacceptable drawbacks you can easily re-establish your previous setup.

(tested in Android 4.4 / CyanogenMod)

  • Settings → WIRELESS & NETWORKS (disable wireless to preserve battery and privacy)
    • → Wi-Fi → ON (temporary to access the next setting)
      Wi-Fi (long press) → Settings (three dots) → Advanced → Network notification → DISABLE (disables network autoscanning)
    • → Wi-Fi → OFF
    • → Bluetooth → OFF
    • → More… → NFC → DISABLE
      → Mobile Networks → Data enabled → DISABLE
      → Aeroplane mode → (RE)ENABLE
      (do this last!)
  • Settings → PERSONAL
    • → Location → OFF
    • → Security → SCREENSECURITY
      Screen Lock → PIN (add/change pin)

      • → ENCRYPTION (we do this later)
        Allow Unknown Sources (see warning below)
      • → DEVICE ADMINISTRATION
        → Verify apps → DISABLE (uploads apps to Google)
      • → APP SECURITY
        → SMS message limit → SMS message limit → 5 (default=30)
    • → Privacy → Privacy Guard → Enabled by default → ENABLE
      (we cover this later in the permission management section)
    • → Language & Input → Spell Checker → Android Spell Checker
      → Look up contact names → DISABLE

      • → KEYBOARD & INPUT METHODS → Android Keyboard Settings (AOSP)
        → OTHER OPTIONS → Next-word suggestions → DISABLE
        DO THIS FIRST! (Auto-correction OFF will grey it out)
        → Android Keyboard Settings (AOSP) → TEXT CORRECTION
        → Block offensive words – DISABLE
        → Auto-correction – OFF
        → Android Keyboard Settings (AOSP) → OTHER OPTIONS
        → Advanced settings → Suggest Contact Names → DISABLE
        → Google Voice Typing → DISABLE
    • → Backup & reset
      → Automatic restore → DISABLE
      → Backup my data → DISABLE
  • Settings → SYSTEM
    • About phone/tablet → CyanogenMod Statistics → Enable reporting → DISABLE
      → Build number (click build number 5-7 times to activate developer options)
    • Developer Options → Device Hostname → localhost (change to)
    • Superuser → Settings → Notifications (keine) → Notification (not toast)

Invasive Apps and Services (to Deactivate):

You can deactivate apps and services under Settings → Apps → All

  • com.android.smspush
  • com.google.android.voicesearch
  • Face Unlock
  • Google Backup Transport
  • Google Calendar Sync
  • Google One Time Init
  • Google Partner Setup
  • Google Play Store
  • Google Contacts Sync
  • Google Search
  • Hangouts
  • Market Feedback Agent
  • News & Weather
  • One Time Init
  • Picasa Updater
  • Sound Search for Google Play
  • TalkBack

Leave a Comment

Your email address will not be published. Required fields are marked *