diff --git a/collections/_evergreen/android.md b/collections/_evergreen/android.md index 7d80d3c0..baffaa39 100644 --- a/collections/_evergreen/android.md +++ b/collections/_evergreen/android.md @@ -94,12 +94,40 @@ It's important to not use an [end-of-life](https://endoflife.date/android) versi Should you want to run an app that you're unsure about, consider using a user or work [profile](/android/#android-security-privacy). +### Advanced Protection Program +If you have a Google account we suggest enrolling in the [Advanced Protection Program](https://landing.google.com/advancedprotection/). It is available at no cost to anyone with two or more hardware security keys with [U2F](https://en.wikipedia.org/wiki/Universal_2nd_Factor) support. + +The Advanced Protection Program provides enhanced threat monitoring and enables: + +* Stricter two factor authentication; e.g. that [U2F](https://en.wikipedia.org/wiki/Universal_2nd_Factor) **must** be used and disallows the use of [SMS OTPs](https://en.wikipedia.org/wiki/One-time_password#SMS), [TOTP](https://en.wikipedia.org/wiki/Time-based_one-time_password), and [OAuth](https://en.wikipedia.org/wiki/OAuth) +* Only Google and verified third party apps can access account data +* Scanning of incoming emails on Gmail accounts for [phishing](https://en.wikipedia.org/wiki/Phishing#Email_phishing) attempts +* Stricter [safe browser scanning](https://www.google.com/chrome/privacy/whitepaper.html#malware) with Google Chrome +* Stricter recovery process for accounts with lost credentials + +For users that are using the privileged Play Services (common on stock operating systems), the Advanced Protection Program also comes with [additional benefits](https://support.google.com/accounts/answer/9764949?hl=en) such as: +* Not allowing app installation outside of the Google Play Store, the OS vendor's app store, or via [`adb`](https://en.wikipedia.org/wiki/Android_Debug_Bridge) +* Mandatory automatic device scanning with [Play Protect](https://support.google.com/googleplay/answer/2812853?hl=en#zippy=%2Chow-malware-protection-works%2Chow-privacy-alerts-work) +* Warning the user about unverified applications + ### SafetyNet and Play Integrity API [SafetyNet](https://developer.android.com/training/safetynet/attestation) and the [Play Integrity APIs](https://developer.android.com/google/play/integrity) are generally used for [banking apps](https://grapheneos.org/usage#banking-apps). Many banking apps will work fine in GrapheneOS with sandboxed Play services, however some non-financal apps have their own crude anti-tampering mechanisms which might fail. GrapheneOS passes the `basicIntegrity` check, but not the certification check `ctsProfileMatch`. Devices with Android 8 or later have hardware attestation support which cannot be bypassed without leaked keys or serious vulnerabilities. As for Google Wallet, we don't recommend this due to their [privacy policy](https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=en), which states you must opt-out if you don't want your credit rating and personal information shared with affiliate marketing services. +### Advertising ID + +All devices with the Play Service installed automatically generate an [advertising ID](https://support.google.com/googleplay/android-developer/answer/6048248?hl=en) used for targetted advertisement. We recommend that you disable this feature to limit the data collected about you. + +On Android distributions with [Sandboxed Play Services](https://grapheneos.org/usage#sandboxed-play-services), go to ⚙️ Settings → Apps -> Sandboxed Google Play -> Google Settings -> Ads and select **Delete advertising ID**. + +On Android distributions with privileged Play Services (such as the stock OS), the setting can be in one of several locations. Check +* ⚙️ Settings → Google → Ads +* ⚙️ Settings → Privacy → Ads + +Depending on the system, you will either be given the option to delete your advertising ID or to "Opt out of interest-based ads". You should delete the advertising ID if you are given the option to, and if you are not, we recommend that you opt out of interested-based ads and then reset your advertising ID. + ### Android Device Shopping Google Pixels are known to have good security and properly support [verified boot](https://source.android.com/security/verifiedboot). Some other phones such as the Fairphone and Oneplus devices also support custom Android verified boot (AVB) key enrollment. However, there have been issues with their older models. In the past they were using [test keys](https://social.coop/@dazinism/105346943304083054) or not doing proper verification, making verified boot on those devices useless. @@ -153,22 +181,6 @@ We have these general tips: Evaluate whether the additional features in the F-Droid build are worth the slower updates. Also think about whether faster updates from the Google Play Store are worth the potential privacy isues in your [threat model](/threat-modeling/). -## Advanced Protection Program -If you have a Google account we suggest enrolling in the [Advanced Protection Program](https://landing.google.com/advancedprotection/). It is available at no cost to anyone with two or more hardware security keys with [U2F](https://en.wikipedia.org/wiki/Universal_2nd_Factor) support. - -The Advanced Protection Program provides enhanced threat monitoring and enables: - -* Stricter two factor authentication; e.g. that [U2F](https://en.wikipedia.org/wiki/Universal_2nd_Factor) **must** be used and disallows the use of [SMS OTPs](https://en.wikipedia.org/wiki/One-time_password#SMS), [TOTP](https://en.wikipedia.org/wiki/Time-based_one-time_password), and [OAuth](https://en.wikipedia.org/wiki/OAuth). -* Only Google and verified third party apps can access account data -* Scanning of incoming emails on Gmail accounts for [phishing](https://en.wikipedia.org/wiki/Phishing#Email_phishing) attempts -* Stricter [safe browser scanning](https://www.google.com/chrome/privacy/whitepaper.html#malware) with Google Chrome -* Stricter recovery process for accounts with lost credentials - -For users that are using the privileged Play Services (common on stock operating systems), the Advanced Protection Program also comes with [additional benefits](https://support.google.com/accounts/answer/9764949?hl=en) such as: -* Not allowing app installation outside of the Google Play Store, the OS vendor's app store, or via [`adb`](https://en.wikipedia.org/wiki/Android_Debug_Bridge) -* Mandatory automatic device scanning with [Play Protect](https://support.google.com/googleplay/answer/2812853?hl=en#zippy=%2Chow-malware-protection-works%2Chow-privacy-alerts-work) -* Warning the user about unverified applications - ## Security comparison of GrapheneOS and CalyxOS ### Profiles