As outlined in the introduction, threats to mobile devices are increasing in number, scope and complexity. Therefore a complete change in user behavior is necessary to better protect personal devices and information. In general, the more device features that are enabled, the greater the loss in security -- avoid enabling features simply for personal convenience. <ref>
https://s3.documentcloud.org/documents/21018353/nsa-mobile-device-best-practices.pdf
</ref>
'''Table:''' ''Mobile Devices Miscellaneous Best Practices''
{| class="wikitable"
! scope="col"| '''Setting / Behavior'''
! scope="col"| '''Recommendation'''
! scope="col"| '''Security Benefit'''
|-
! scope="row"| '''Abstinence'''
| Move and/or power off mobile devices.
| Since many of the following best practices (such as removing phone microphones, speakers, webcams, GPS, Bluetooth and SIM cards) are admittedly difficult, cumbersome, uncomfortable or unfeasible to adhere to, it might be easier to physically move all mobile devices to a distant location such as a different room and close the door, and/or to power off mobile devices.
|-
! scope="row"| '''Activism'''
|
* Support user hardware freedom and software freedom, because the lack of such freedom led to this mess.
* Be aware of, and spread awareness about, the [[Miscellaneous_Threats_to_User_Freedom#War_on_General_Purpose_Computing|war on general purpose computing]].
| Support of hardware and software producers that respect user freedom and privacy.
|-
! scope="row"| '''Control'''
|
* Maintain physical control of the device by keeping it either on your person or in secure storage.
* Avoid connecting mobile devices to unknown removable media.
| Partial protection against close access physical attacks.
|-
! scope="row"| '''Conversations'''
| Avoid having sensitive conversations near mobile devices.
| Near-complete protection against eavesdropping threats (if the device is compromised).
|}
'''Table:''' ''Mobile Devices Hardware Best Practices''
{| class="wikitable"
! scope="col"| '''Setting / Behavior'''
! scope="col"| '''Recommendation'''
! scope="col"| '''Security Benefit'''
|-
! scope="row"| '''Bluetooth'''
|
* Disable Bluetooth when it is not in use, or preferably never activate it.
* Note that Airplane mode does not always disable Bluetooth.
* Physically remove Bluetooth chip(s) if possible.
|
* Near-complete protection against malicious networks / close access network attacks, and collection of call / text / data over network (when cellular and Wi-Fi networks are also disabled).
* Partial protection against intercepts / untrusted cellular networks, and geolocation of the device.
|-
! scope="row"| '''Baseband audited'''
| Devices with audited baseband chips should be used.
| Mitigation of the [[#baseband_backdoor|baseband backdoor]].
|-
! scope="row"| '''Case'''
|
* Consider using a protective case that "drowns" (mutes) the microphone to protect against potential eavesdropping.
* Cover the camera when it is not in use.
| Near-complete protection against room audio/video collection.
|-
! scope="row"| '''Cameras'''
| [[Hardware_Threat_Minimization#Webcams|Front cameras, back cameras and webcams should be physically removed.]] With some devices, a USB webcam can be attached during times when this is needed.
| Reduces risk of surveillance by compromised mobiles.
|-
! scope="row"| '''Google Play Services'''
|
* Avoid Google Play Services due to [[Mobile_Phone_Security#Espionage_Data_Harvesting|Espionage Data Harvesting]].
* Prefer de-googled devices. Or better, prefer mobile operating systems from a lineage that never included Google, if available.
|-
! scope="row"| '''Location'''
|
* Disable location services permanently, or only activate them when necessary.
* Do not take mobile devices to sensitive locations or activities.
* Physically remove GPS chips if possible.
|
* Partial protection against geolocation of the mobile device.
* Near-complete protection against room audio/video collection.
|-
! scope="row"| '''Microphones'''
| [[Hardware_Threat_Minimization#Microphones|Microphones should be physically removed.]] In some cases, a headset can be connected during times when a microphone is needed.
| Reduces risk of eavesdropping by compromised mobiles.
|-
! scope="row"| '''Motion sensor (accelerometer)'''
| The motion sensor (accelerometer) should be physically removed if possible, [[#Mobile Devices Hardware Risks|since it can be turned into a microphone]] <ref>
https://dl.acm.org/doi/abs/10.1145/3448300.3468499
</ref> and [https://www.wired.com/story/mobile-websites-can-tap-into-your-phones-sensors-without-asking/ mobile websites can use it even without permission].
| Reduces risk of eavesdropping by mobile websites, apps and compromised devices.
|-
! scope="row"| '''Speakers'''
| [[Hardware_Threat_Minimization#Speakers|Speakers should be physically removed since speakers can be turned into microphones.]] In some cases, headphones or an external speaker can be connected during times when audio output is needed.
| Reduces risk of eavesdropping by compromised mobiles.
|-
! scope="row"| '''SIM Cards'''
| SIM cards should be avoided.
| Reduces risk of location tracking.
|-
! scope="row"| '''Trusted Accessories'''
|
* Only use the original charging cords and accessories, or those purchased from a trusted manufacturer.
* Avoid public USB charging stations.
* Do not connect mobile devices to sensitive computers, whether via a physical connection, Wi-Fi or Bluetooth.
| Partial protection against close access physical attacks or supply chain attacks.
|-
! scope="row"| '''Wi-Fi'''
|
* Avoid connecting to public Wi-Fi networks.
* Disable Wi-Fi when it is unneeded.
* Delete unused Wi-Fi networks.
* Remove Wi-Fi chips if possible and use wired connections instead. With some devices, a USB Wi-Fi stick can be attached during times when this is needed.
* See also [[Router and Local Area Network Security]].
|
* Avoiding public networks provides partial protection against: zero-click exploits, malicious Wi-Fi networks / close access network attacks, call / text / data collection over network, and geolocation of the mobile device.
* Disabling Wi-Fi and cellular networks provides:
** Near-complete protection against malicious Wi-Fi networks / close access network attacks, and collection of call / text / data over network.
** Partial protection against intercepts / untrusted cellular networks, and geolocation of the device.
|}
'''Table:''' ''Mobile Devices Software Best Practices''
{| class="wikitable"
! scope="col"| '''Setting / Behavior'''
! scope="col"| '''Recommendation'''
! scope="col"| '''Security Benefit'''
|-
! scope="row"| '''Applications'''
|
* Install a minimal number of applications and only those which are essential.
* Remove unnecessary default applications if possible. If this is not feasible, disable the application in settings.
* Only install software from official application stores.
* Be cautious when entering personal data into applications; use false information if possible.
* Fully close (exit) applications when they are not in use.
* Keep all software and applications updated.
| Official store application updates provide partial protection against:
* intercepts / untrusted cellular networks
* room audio / video collection
* call / text / data collection over network
Updated software and applications provide partial protection against:
* malicious Wi-Fi network / close access network attacks
* intercepts / untrusted cellular networks
* room audio / video collection
* close access physical attacks
|-
! scope="row"| '''Attachments / Links'''
| Do not open unknown email attachments and links:
* Even verified contacts might send malicious content, either accidentally or following a compromise.
* Malicious actors can impersonate a known contact.
| Partial protection against spearphishing and malicious applications.
|-
! scope="row"| '''Biometrics'''
| As noted in the [[Two-factor_authentication_2FA#Implementations|2FA]] chapter, do not rely on biometric IDs to protect information or for authentication. <ref>Notably the IC guide only recommends biometrics to protect low-value information.</ref>
* Biometric IDs can never be changed if compromised.
* Volunteering biometric data is a privacy intrusion and risk.
|-
! scope="row"| '''IOMMU'''
| Devices with unaudited baseband processors should at least use IOMMUs, and have their operating systems configure them in a way that effectively mitigates the threat.
| Mitigation of the [[#baseband_backdoor|baseband backdoor]].
|-
! scope="row"| '''Key Generation'''
|
* Avoid using mobile devices to generate keys such as cryptocurrency wallets.
* This does not apply to user-generated passwords, since these do not require device-supplied entropy.
| Reduces the risk of weak keys caused by a broken or compromised [[Dev/Entropy|random number generator]] resulting from [[Hardware_Threat_Minimization#Advanced_Threats|advanced hardware threats]].
|-
! scope="row"| '''Modification'''
| Avoid [https://en.wikipedia.org/wiki/IOS_jailbreaking jailbreaking] or [https://en.wikipedia.org/wiki/Rooting_(Android) rooting] mobile devices.
| This process can lead to security weaknesses, undermine built-in security measures, and increase the risk of infection by viruses and malware (since software can be installed that is not vetted by hardware manufacturers).
|-
! scope="row"| '''Passwords'''
|
* Use strong lock-screen PINs/passwords at least six digits long.
* Set the device to automatically lock after five minutes.
* Enforce a setting so the device is wiped after ten incorrect password attempts.
| Partial protection against close access physical attacks.
|-
! scope="row"| '''Pop-ups'''
| Unexpected pop-ups are usually malicious -- follow advice for your particular device (such as [https://support.google.com/chrome/answer/2765944?hl=en&co=GENIE.Platform%3DAndroid Android]) to safely remove the offending software. <ref>This normally involves closing all applications, restarting the device in "Safe mode", deleting recently downloaded applications, and restarting the device to check it functions normally. The device can also be scanned for security threats.</ref>
| Provides partial protection against the theft of personal or sensitive information, or other malicious activities.
|-
! scope="row"| '''Power'''
| On a weekly basis, power the mobile device off and then on again.
| Partial protection against spearphishing and zero-click exploits.
|-
! scope="row"| '''Operating System'''
| Choose a secure, privacy- and freedom-respecting mobile operating system, if available. See also [[Mobile Operating System Comparison]].
| Security, privacy, user freedom.
|-
! scope="row"| '''Text Messages and Video / Voice Calls'''
|
* Text messages or video/voice calls using cellular networks are completely insecure, so avoid any sensitive communications via this method.
* Use encrypted text, voice and data applications.
| Partial protection against:
* malicious Wi-Fi networks / close access network attacks
* intercepts / untrusted cellular networks
* call / text / data collection over network
|}
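The three lock-screen settings in the Passwords row (six-digit minimum, five-minute auto-lock, wipe after ten failed attempts) can be enforced rather than merely recommended on Android through the device-admin policy API. The following helper is an added example, not code from this page or from any project it links to; it assumes a hypothetical class name, an already activated DeviceAdminReceiver passed as <code>admin</code>, and that its device_admin.xml declares the limit-password, force-lock and wipe-data policies.

```java
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;

/**
 * Hypothetical helper (not part of the wiki page) that enforces the three
 * lock-screen recommendations via Android's DevicePolicyManager so a user
 * cannot silently relax them. The password-quality/length calls are deprecated
 * since API 31 in favour of setRequiredPasswordComplexity but still function.
 */
public final class LockScreenPolicy {
    // Values taken from the "Passwords" row of the software best-practices table.
    static final int MIN_PIN_LENGTH = 6;
    static final long MAX_TIME_TO_LOCK_MS = 5L * 60L * 1000L;   // five minutes
    static final int MAX_FAILED_ATTEMPTS_BEFORE_WIPE = 10;

    private LockScreenPolicy() {}

    /** Applies the policy; returns false if the admin receiver is not active. */
    public static boolean apply(Context ctx, ComponentName admin) {
        DevicePolicyManager dpm =
                (DevicePolicyManager) ctx.getSystemService(Context.DEVICE_POLICY_SERVICE);
        if (dpm == null || !dpm.isAdminActive(admin)) {
            return false;   // nothing can be enforced without an active admin
        }
        // Minimum length is only honoured when quality is at least NUMERIC.
        dpm.setPasswordQuality(admin, DevicePolicyManager.PASSWORD_QUALITY_NUMERIC);
        dpm.setPasswordMinimumLength(admin, MIN_PIN_LENGTH);
        // Auto-lock after at most five minutes of inactivity.
        dpm.setMaximumTimeToLock(admin, MAX_TIME_TO_LOCK_MS);
        // Wipe the device after ten consecutive wrong unlock attempts.
        dpm.setMaximumFailedPasswordsForWipe(admin, MAX_FAILED_ATTEMPTS_BEFORE_WIPE);
        return true;
    }

    /** Audit check: true only if the effective policy is at least as strict as recommended. */
    public static boolean isCompliant(Context ctx, ComponentName admin) {
        DevicePolicyManager dpm =
                (DevicePolicyManager) ctx.getSystemService(Context.DEVICE_POLICY_SERVICE);
        if (dpm == null) return false;
        long timeToLock = dpm.getMaximumTimeToLock(admin);              // 0 means "no limit"
        int wipeAfter = dpm.getMaximumFailedPasswordsForWipe(admin);    // 0 means "never"
        return dpm.getPasswordMinimumLength(admin) >= MIN_PIN_LENGTH
                && timeToLock > 0 && timeToLock <= MAX_TIME_TO_LOCK_MS
                && wipeAfter > 0 && wipeAfter <= MAX_FAILED_ATTEMPTS_BEFORE_WIPE;
    }
}
```

Running <code>isCompliant</code> before <code>apply</code> shows whether a device already meets the row's recommendations; a return of false after <code>apply</code> indicates another active admin or a platform restriction is overriding the policy.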