mirror of
https://github.com/Lissy93/personal-security-checklist.git
synced 2024-10-01 01:35:37 -04:00
Set up mobile carrier PIN
This commit is contained in:
parent
20321e84c7
commit
d0b15c2b4d
@ -136,6 +136,7 @@ SMS texting and traditional phone calls are not secure, so it's imprortant to av
|
|||||||
**Uninstall apps that you don’t need** | Recommended | Don’t have apps that your not using on your phone, as they can be collecting data in the background. Don’t install apps from non-legitimate sources, or apps with few reviews.
|
**Uninstall apps that you don’t need** | Recommended | Don’t have apps that your not using on your phone, as they can be collecting data in the background. Don’t install apps from non-legitimate sources, or apps with few reviews.
|
||||||
**Don’t grant apps permissions that they don’t need** | Recommended | If an app doesn’t need access to your camera, don’t grant it access. Same with any features of your phone, be wary about what each app has access to.
|
**Don’t grant apps permissions that they don’t need** | Recommended | If an app doesn’t need access to your camera, don’t grant it access. Same with any features of your phone, be wary about what each app has access to.
|
||||||
**Only Charge your Device from a Trusted Source** | Recommended | When you charge your device via USB in a public space, it is possible for malicious actors to gain full access to your device, via [AT Commands](https://en.wikipedia.org/wiki/Hayes_command_set). You can read more about this at https://atcommands.org/ or from [this seminar](https://www.usenix.org/node/217625). To protect yourself, either only charge your phone from trusted sources, or use a [USB Data Blocker](https://amzn.to/30amhja). A Data blocker allows your phone to charge, while blocking the data transfer wires, blocking this exploit or any file transfers to run. ([PortaPow](https://portablepowersupplies.co.uk/) is recomended, since it still allows for fast-charge.) Availible in both [USB-A](https://amzn.to/309kPh3) and [USB-C](https://amzn.to/39Wh5nJ).
|
**Only Charge your Device from a Trusted Source** | Recommended | When you charge your device via USB in a public space, it is possible for malicious actors to gain full access to your device, via [AT Commands](https://en.wikipedia.org/wiki/Hayes_command_set). You can read more about this at https://atcommands.org/ or from [this seminar](https://www.usenix.org/node/217625). To protect yourself, either only charge your phone from trusted sources, or use a [USB Data Blocker](https://amzn.to/30amhja). A Data blocker allows your phone to charge, while blocking the data transfer wires, blocking this exploit or any file transfers to run. ([PortaPow](https://portablepowersupplies.co.uk/) is recomended, since it still allows for fast-charge.) Availible in both [USB-A](https://amzn.to/309kPh3) and [USB-C](https://amzn.to/39Wh5nJ).
|
||||||
|
**Set up a mobile carrier pin** | Recomended | [SIM hijacking](https://securelist.com/large-scale-sim-swap-fraud/90353/) is when a hacker is able to get your mobile number transfered to their sim (often through social engineering your mobile carrier). This then allows them to recieve 2FA SMS codes (enabling them to access your secure accounts, such as banking), or to pose as you. The easiest way to protect against this is to set up a PIN through your mobile provider, thus disallowing anyone without this PIN to make any changes to your account. The PIN should not be easily guessible, and it it important that you remember it, or store is somewhere secure. Using a non-SMS based 2FA method will reduce the damage that can be done if someone is able to take control of your SIM. [Read more](https://us.norton.com/internetsecurity-mobile-sim-swap-fraud.html) about the sim swap scam.
|
||||||
**Monitor Trackers** | Optional | A tracker is a piece of software meant to collect data about you or your usages. [εxodus](https://reports.exodus-privacy.eu.org/en/), is a great service, which lets you search for any app, by it's name, and see which trackers are embeded in it. They also have [an app](https://play.google.com/store/apps/details?id=org.eu.exodus_privacy.exodusprivacy), which shows trackers and permissions for all your installed apps.
|
**Monitor Trackers** | Optional | A tracker is a piece of software meant to collect data about you or your usages. [εxodus](https://reports.exodus-privacy.eu.org/en/), is a great service, which lets you search for any app, by it's name, and see which trackers are embeded in it. They also have [an app](https://play.google.com/store/apps/details?id=org.eu.exodus_privacy.exodusprivacy), which shows trackers and permissions for all your installed apps.
|
||||||
**Install a Firewall** | Optional | To prevent applications from leaking privacy-sensitive data, you can install a firewall app. This will make it easier to see and control which apps are making network requests in the background, and allow you to block specific apps from roaming when the screen is turned off. For Android, check out [NetGuard](https://www.netguard.me/), and for iOS there is [LockDown](https://apps.apple.com/us/app/lockdown-apps/id1469783711), both of which are open source. Alternatively there is [NoRootFirewall](https://play.google.com/store/apps/details?id=app.greyshirts.firewall) *Android*, [XPrivacy](https://github.com/M66B/XPrivacy) *Android (root required)*, [Fyde](https://apps.apple.com/us/app/fyde-mobile-security-access/) *iOS* and [Guardian Firewall](https://guardianapp.com/) *iOS*.
|
**Install a Firewall** | Optional | To prevent applications from leaking privacy-sensitive data, you can install a firewall app. This will make it easier to see and control which apps are making network requests in the background, and allow you to block specific apps from roaming when the screen is turned off. For Android, check out [NetGuard](https://www.netguard.me/), and for iOS there is [LockDown](https://apps.apple.com/us/app/lockdown-apps/id1469783711), both of which are open source. Alternatively there is [NoRootFirewall](https://play.google.com/store/apps/details?id=app.greyshirts.firewall) *Android*, [XPrivacy](https://github.com/M66B/XPrivacy) *Android (root required)*, [Fyde](https://apps.apple.com/us/app/fyde-mobile-security-access/) *iOS* and [Guardian Firewall](https://guardianapp.com/) *iOS*.
|
||||||
**Use secure, privacy-respecting apps** | Optional | Mainstream apps have a reputation for not respecting the privacy of their users, and they're usually closed-source meaning vulnrabilities can be hidden. [Prism-Break](https://prism-break.org) maintains a list of better alternatives, see [Android](https://prism-break.org/en/categories/android/) and [iOS](https://prism-break.org/en/categories/ios/).
|
**Use secure, privacy-respecting apps** | Optional | Mainstream apps have a reputation for not respecting the privacy of their users, and they're usually closed-source meaning vulnrabilities can be hidden. [Prism-Break](https://prism-break.org) maintains a list of better alternatives, see [Android](https://prism-break.org/en/categories/android/) and [iOS](https://prism-break.org/en/categories/ios/).
|
||||||
|
Loading…
Reference in New Issue
Block a user