FORUMS
Remove All Ads from XDA

[GUIDE] Some incredibly simple things to protect YOUR PRIVACY!

3,633 posts
Thanks Meter: 2,172
 
By NYLimited, Recognized Contributor on 24th November 2012, 11:06 PM
Post Reply Email Thread
The term "privacy" means many things in different contexts. Different people, cultures, and nations have a wide variety of expectations about how much privacy a person is entitled to or what constitutes an invasion of privacy. Information or data privacy refers to the evolving relationship between technology and the legal right to, or public expectation of, privacy in the collection and sharing of data about one's self. Privacy concerns exist wherever uniquely identifiable data relating to a person or persons are collected and stored, in digital form or otherwise. In some cases these concerns refer to how data is collected, stored, and associated. In other cases the issue is who is given access to information. Other issues include whether an individual has any ownership rights to data about them, and/or the right to view, verify, and challenge that information.

This post does not intend to address the many definitions of privacy or the many technical means of protecting and invading one's privacy. There are already many posts addressing this aspect and brief search can turn up lots of answers for you.

This post is only intended to help the least technically savvy among us in maintaining some small amount of data security and privacy without getting very technical about things. It was derived from many diverse sources on basic privacy.




Note that I do NOT have a DONATE button anywhere.
I am not looking for donations.
If you feel that you should donate something, by all means,
send it to your favorite XDA developer and/or XDA itself!
And don't be shy about the button for the many posters who were of help to you!





Recently, a friend handed me his phone and asked me to take a picture. “What’s the password?” I asked. “I don’t have one,” he said. I think I must have had a puzzled look on my face as, I suppose, I tend to grimace when someone I know tells me they’re choosing not to take one of the very simplest steps for privacy protection, allowing anyone to look through their phone with the greatest of ease, to see whichever messages, photos, and sensitive apps they please.

So, this post is for you, big guy with no password on your Galaxy/iPhone/Nexus/whatever, and for you, girl who stays signed into GMail on your boyfriend’s computer, and for you, person walking down the street having a loud conversation on your mobile phone about your recent doctor’s visit of that odd ailment you have. These are the really, really simple things you could be doing to keep casual intruders from invading your privacy.


1 Password protect your phone! It is one of the simplest things you can do to most devices (smartphones, tablets, etc.) with the least amount of effort. Many people tell me it is “annoying” to take the two seconds to type in a password each time before using the phone. Gimme a break, everyone!. Choosing not to password protect these devices is the digital equivalent of leaving your home or car unlocked. If you’re lucky, no one will take advantage of you. Or maybe the contents will be ravaged and your favorite speakers and/or secrets stolen. If you’re not paranoid enough, spend some time reading entries in Reddit, where many Internet users go to discuss issues of the heart. A good percentage of the entries start, “I know I shouldn't have, but I peeked at my gf’s phone and read her text messages, and…” Oh, and before you pick a password like "123456" or "password" do yourself a big favor and visit the Worst passwords of all time web page! No laughing allowed!


2 Turn on 2-step authentication in GMail
(that is, if you use GMail, of course). The biggest conclusion you can derive from the epic hack of Wired’s Mat Honan is that it probably wouldn't have happened if he’d turned on “2-step verification” in GMail. This simple little step turns your device into a security fob — in order for your GMail account to be accessed from a new device, a person (you?) needs a code that’s sent to your phone. This means that even if someone gets your password somehow, they won’t be able to use it to sign into your account from a strange computer. (How it works - video) Google says that millions of people use this tool, and that “thousands more enroll each day.” Be one of those people! Yes, it can be annoying if your phone battery dies or if you’re traveling. Of course, you can temporarily turn it off when you’re going to be abroad or phone-less. Alternately, you can leave it permanently turned off, and increase your risk of getting epically hacked. Which do you like better?


3 Put a Google Alert on your name!
This is an incredibly easy way to stay on top of what’s being said about you online. It takes less than a minute to do. Go here: http://www.google.com/alerts; anyone can do it easily. Google Alerts are email updates of the latest relevant Google results (web, news, etc.) based on your queries. Enter your name, and variations of your name, with quotation marks around it. Boom. You’re done. Now, that wasn't too tough, was it? I didn't think so. :-]


4 Sign out of your Facebook / Twitter / GMail / etc. account!
Do it each time you are done with your emailing, social networking, tweeting, and other forms of general time-wasting. Not only will this reduce the amount of tracking of you as you surf the Web, this also prevents someone who later sits down at your computer from loading one of these up and getting snoopy. This becomes much more important when you’re using someone else’s or a public computer. Yes, people actually forget to do this, with terrible outcomes. Incidentally, if you have the Chrome browser on your PC and you use “incognito” (Ctrl Shift N) or Internet Explorer and you use “InPrivate” (Ctrl Shift P) you will automatically be logged out when you close the window, and no cookies or passwords will be stored. Pretty cool, right?


5 Don’t give out your email address, phone number, or zip code
when asked. Hey, if some scary (or weird) looking dude in a bar asked for your phone number, you'd say no, wouldn't you? But when the person asking is a uniform-wearing employee at a local store, many people hand over their digits without hesitation. Stores often use this info to help profile you and your purchase. Yes, you can say no. If you feel badly about it, just pretend the employee is that scary looking dude!


6 Change Your Facebook settings to “Friends Only.”
I really thought that by now, with the many Facebook privacy stories which have been published, everyone would have their accounts locked down and boarded up like a cheap Florida house before a hurricane. Not so. There are still lots and lots of people on Facebook who are as exposed on the internet as Katy Perry at that water park. Go to your Facebook privacy settings and make sure the “default privacy” setting isn't set to "public"! If it’s set to “Custom” make sure you know and understand any “Networks” you’re sharing with.


7 Use unique passwords for every site you go to
. This sounds really difficult but - surprise - it is quite simple! Password managers come in many sizes and flavors these days. They will generate complex passwords and remember them for you. Protect yourself against phishing scams, online fraud, and malware. Many of these apps have versions you can use on your computer as well as on your tablet and phone. Some are free and some cost money. Your choice. Here, let me show you how simple it is to find a bunch of them: http://bit.ly/V4xehO! As I said, there are many - the one I use is this one here.


8 Clear your browser history and cookies
on a regular basis. Do you remember the last time you did that? If you just shrugged, consider changing your browser settings so it is automatically cleared every session. Go to the “privacy” setting in your Browser’s “Options.” Tell it to “never remember your history.” This will reduce the amount you’re tracked online. Consider one of the several browser add-ons, like TACO, to further reduce tracking of your online behavior.


9 Read the posted privacy policy
. Boring, isn't it? Every web site has one and likely for a good reason. Have you ever seen the XDA Privacy Policy? Yup, that's just what I thought!




In conclusion, here's one from the Wall Street Journal's Law Blog.
As I said, this is not a technical article but it may make you think if it does the job right.



Sixth Circuit: No Expectation of Privacy in Cell Phone GPS Data

Drug dealers, beware. Your pay-as-you-go phones probably have GPS. And, according to a federal appeals court in Cincinnati, police can track the signal they emit without a warrant.

The U.S. Court of Appeals for the Sixth Circuit ruled that the Drug Enforcement Administration committed no Fourth Amendment violation in using a drug runner’s cellphone data to track his whereabouts. The DEA obtained a court order to track Melvin Skinner’s phone, after finding his number in the course of an investigation of a large-scale drug trafficking operation.

The DEA didn’t know much about Mr. Skinner or what he looked like. They knew him as Big Foot, the drug mule, and they suspected he was communicating with the leader of the trafficking operation via a secret phone that had been registered under a false name. Agents used the GPS data from his throw-away phone to track him, and he was arrested in 2006 at a rest stop near Abilene, Texas, with a motorhome filled with more than 1,100 pounds of marijuana.

Mr. Skinner was convicted of drug trafficking and conspiracy to commit money laundering. On appeal, he argued that the data emitted from his cell phone couldn’t be used because the DEA failed to obtain a warrant for it, in violation of the Fourth Amendment.

The question in the case was whether Mr. Skinner had a reasonable expectation of privacy in the data his phone emitted. It’s a question that several courts are wrestling with. Federal law enforcement authorities, as in this case, say that investigators don’t need search warrants to gather such information.

Justice Department lawyers argued in a court brief that “a suspect’s presence in a publicly observable place is not information subject to Fourth Amendment protection.”

Judge John M. Rogers, writing for the majority, agreed:

There is no Fourth Amendment violation because Skinner did not have a reasonable expectation of privacy in the data given off by his voluntarily procured pay-as-you-go cell phone. If a tool used to transport contraband gives off a signal that can be tracked for location, certainly the police can track the signal. The law cannot be that a criminal is entitled to rely on the expected untrackability of his tools. Otherwise, dogs could not be used to track a fugitive if the fugitive did not know that the dog hounds had his scent. A getaway car could not be identified and followed based on the license plate number if the driver reasonably thought he had gotten away unseen. The recent nature of cell phone location technology does not change this. If it did, then technology would help criminals but not the police.

He was joined by Judge Eric L. Clay. Judge Bernice B. Donald, who concurred but disagreed with the majority’s Fourth Amendment reasoning, said the DEA couldn’t have figured out the identity of Mr. Skinner, the make and model of his vehicle or the route he would be driving without the GPS data from his phone.

“It is not accurate…to say that police in this case acquired only information that they could have otherwise seen with the naked eye,” she wrote. “While it is true that visual observation of Skinner was possible by any member of the public, the public would first have to know that it was Skinner they ought to observe.”

A lawyer for Mr. Skinner didn’t immediately respond to a request for comment.






Comments? Suggestions? Ideas? They are all welcome.
Flame wars (relating to privacy or otherwise) are not. :-]

The Following 58 Users Say Thank You to NYLimited For This Useful Post: [ View ] Gift NYLimited Ad-Free
 
 
24th November 2012, 11:10 PM |#2  
NYLimited's Avatar
OP Recognized Contributor
Flag 40.75659° N 73.98626° W
Thanks Meter: 2,172
 
Donate to Me
More
[GUIDE] Some incredibly simple things to protect YOUR PRIVACY - Part 2

Cameras on smart phones, getting better with each generation of new devices, allow people to take pictures or videos on the go and transmit these images by e-mail or post them to the Web. With phone in hand, unexpected sightings of celebrities can be snared with a flick of the wrist (turning the celled into the 'snaparazzi'), as can chance encounters with pretty girls or gorgeous sunsets. Their impact can be great for both good and evil.

Not too long ago two men lit themselves on fire in protest. But only one of them is credited with starting a revolution.

The difference between the two? Mobile phones recorded Mohamed Bouazizi, a Tunisian fruit vendor, as he set himself ablaze in despair over his economic plight. Those videos kicked off the wave of 2011 Arab Spring demonstrations.

Abdesslem Trimech, the other man, fell into relative obscurity. (Source: The Mobile Wave: How Mobile Intelligence Will Change Everything by Michael Saylor)



Back in 2005, a retail fraud investigator for one of the larger chain stores said that while he was still unable to capture a usable image of a credit card from even the then newer camera phones, he has been able to grab readable images of all account and routing info from the personal checks customers have produced at the checkout. Check writers, he says, have a tendency to "lay out" their check books on the writing counter at the registers and keep them stationary enough to obtain a clear image of all the personal information printed on the check. He has also tested this theory with camera-equipped palm tops and has found that with the adjustable resolution he has been able to get a pretty clear picture, with zoom, from a reasonable distance away (3-5 feet). So at this point in time, as phone cameras get better and better, your credit card might still be secure but your personal check might not be.


So, what personal information does your mobile phone reveal about you? Do you know? Do you care?

It seems that many people are slowly becoming more aware of the pitfalls and the mobile-privacy concerns.

According to reports, 54% of cell phone users in the U.S. have decided not to install an app once they discovered how much of their personal information it would access. (The amount of sensitive info an app can access typically is indicated by the "permissions" the app requests, listed on its information page.)

Also, nearly one-third of mobile app users report uninstalling an app from their phone because they learned it was collecting personal information they didn't wish to share.

We need to first be aware and also be willing to actively take steps in order to protect our own privacy. Children of all ages need to be carefully taught as well.


Okay, but what about students? Do students have an expectation of privacy on their cell phones while at school?

The short answer to this in the U.S. is a qualified yes. Whether educators have the authority to search the contents of student cell phones depends on a lot of factors. The key issue in this is the standard of reasonableness. According to New Jersey v. T.L.O (1985) students are protected by the Fourth Amendment to the U.S. Constitution which protects citizens against unreasonable searches and seizures. In T.L.O., the Supreme Court goes on to say that the standard that law enforcement officers must reach to conduct a search (probable cause that a crime has been committed), is not required of educators. In general, the standard applied to school officials is whether the search is “justified at its inception and reasonable in scope.” (See When can educators search student cell phones)





What information should children be taught NEVER to reveal?
The suggestions depend on their age. Common 'wisdom' suggests the following:



Elementary School Kids should NEVER share (their own or another’s):
  • Age
  • Full Name
  • Address
  • Phone Number
  • Name of School
  • Password Information
  • Images (with possible exception depending on parental involvement)


Middle School Kids should NEVER share (their own or another’s):
  • Age
  • Full Name
  • Address
  • Phone Number
  • Name of School
  • Password Information (even to friends)
  • Most Images (At this age, kids get into social networking and will be sharing images via cell phones and digital cameras. Parents should focus on limiting the images their children share online)


High School Kids should NEVER share (their own or another’s):
  • Address
  • Phone Number
  • Password Information (even to friends)
  • Offensive or Sexually Suggestive Images or Messages



If you managed to get this far there must have been something that concerned you.
Congratulations! Learning more about privacy is the first step.


Here's one more little trick you might try since you spent all the time getting here.


Want to have an unlisted phone but would not like to have to pay monthly for it? Ask your phone company to replace your last name with another name - your grandmother’s maiden name or something that you never use. This will cost a few dollars, but works very well. Many phone companies will do this for you. No monthly fees for having your number unlisted and as soon as you hear someone calling you Mr. {your grandmother’s maiden name}, you can either block the number or request to be put on the company’s Do Not Call List or <fill in the blank of your choice>. Note that Caller ID takes its information from the phone book, so you will be identified as Mr. {your grandmother’s maiden name} on Caller ID units of people you call unless you turn this feature off.

Another helpful addition to the listing (available in some areas) is: "(data line)", meaning that the phone number is connected to a fax or computer and not to a live person. Check with your local company if this option is available.


Some time ago, in a concerted effort, multiple ACLU affiliates filed a total of 381 Freedom of Information Act (FoIA) requests in 32 states, asking local law enforcement agencies to disclose how they are using mobile phone location data.

The FoIA request in North Carolina struck gold: a copy of an official Department of Justice flyer, dated August 2010 that explains exactly what data is retained by Verizon Wireless, T-Mobile, AT&T, Sprint, and Sprint division Nextel. There's an enhanced copy on the ACLU website.

The eye-openers:
  • All of the mobile phone companies keep details about the location of cell towers used by every phone, for a year or longer.
  • All of the mobile phone companies keep records about voice calls and text messages received and sent for a year or longer. Verizon stores the contents of every text message for three to five days. (The others don't keep the text.)
  • IP session information -- tying your phone to an IP address -- is kept for a year by Verizon and 60 days on Sprint and Nextel.
  • IP destination information -- which IP addresses you connected to -- is stored for 90 days at Verizon and 60 days on Sprint and Nextel.

The ACLU is gathering information on what steps local police have to go through in order to acquire that stored data: warrants, formal requests, emergencies, possibly even informal procedures. They're also trying to figure out how law enforcement agencies share the data and how long it is retained.

There doesn't appear to be any sort of uniform nationwide policy or widespread judicial precedent.

The ACLU is also looking at law enforcement requests to "identify all of the cell phones at a particular location" and "systems whereby law enforcement agents are notified whenever a cell phone comes within a specific geographic area."

If you have been concerned about privacy and location data being leaked sporadically on your iOS or Android or Windows Phone device it seems you have been looking at very, very small potatoes!




Comments? Suggestions? Ideas? They are all welcome.
Flame wars (relating to privacy or otherwise) are not. :-]



The Following 22 Users Say Thank You to NYLimited For This Useful Post: [ View ] Gift NYLimited Ad-Free
24th November 2012, 11:11 PM |#3  
NYLimited's Avatar
OP Recognized Contributor
Flag 40.75659° N 73.98626° W
Thanks Meter: 2,172
 
Donate to Me
More
[ Another place holder ]

25th November 2012, 12:52 AM |#4  
Szczepanik's Avatar
Senior Member
Thanks Meter: 587
 
More
Thumbs up [GUIDE] Some Incredibly Simple Things To Protect Your Privacy!
If you find this thread helpful then do not forget to
Rate: *****
Submit thread as News Tip

If you find a particular post is helpful, please click on the Thanks button
If you are using XDA App or Tapatalk, long press on the post and select Thanks

Thanks ny_limited - I just did all these!
Cheers
Tom
25th November 2012, 04:49 AM |#5  
NYLimited's Avatar
OP Recognized Contributor
Flag 40.75659° N 73.98626° W
Thanks Meter: 2,172
 
Donate to Me
More
Quote:
Originally Posted by Szczepanik

If you find this thread helpful then do not forget to
Rate: *****
Submit thread as News Tip

If you find a particular post is helpful, please click on the Thanks button


If you are using XDA App or Tapatalk, long press on the post and select Thanks

Thanks ny_limited - I just did all these!
Cheers
Tom

Appreciate the kind works, Tom, but.. This thread is for the non-technical ones among us. I suspect you are more technical than I am thus you hardly qualify to be here.
The Following User Says Thank You to NYLimited For This Useful Post: [ View ] Gift NYLimited Ad-Free
25th November 2012, 05:58 AM |#6  
OTAw's Avatar
Senior Member
Flag Chicago
Thanks Meter: 63
 
More
Thanks for the tips.

For extra protection, there's quite a few security apps on the market that will lock whatever information sensitive apps you want locked, usually with the same security options that your phone offers i.e. Password, PIN, pattern etc.

Just search "app lock" in the play store, for those interested.

--> dominating your screen from my t-mobile gs3, powered by: FreeGS3 R7 "Resurrection"
The Following User Says Thank You to OTAw For This Useful Post: [ View ] Gift OTAw Ad-Free
25th November 2012, 02:45 PM |#7  
JokerAce's Avatar
Senior Member
Flag Teleporting..
Thanks Meter: 704
 
Donate to Me
More
Complacency is one thing that most if not all internet/mobile/computing user have. I always advocate "Do not remember my password" while browsing from any form of medium to my friends. You never know when you will get compromised. Just leave your computer for a moment, your friend with malicious intent can extract all your private information with a simple and obtainable usb trick..

Even the thing most personal to me, my mobile phone, has no sites on "Log me in always" checked.

I hope websites would leave the box unchecked, as sites I visit always encourage user to have that option enabled. E.g. Ebay, Facebook..
The Following User Says Thank You to JokerAce For This Useful Post: [ View ] Gift JokerAce Ad-Free
26th November 2012, 07:14 AM |#8  
NYLimited's Avatar
OP Recognized Contributor
Flag 40.75659° N 73.98626° W
Thanks Meter: 2,172
 
Donate to Me
More
Post # 2 has been updated just in case you need more reading material.
26th November 2012, 07:40 PM |#9  
Junior Member
Thanks Meter: 9
 
More
Quote:
Originally Posted by ny_limited

Post # 2 has been updated just in case you need more reading material.

like 1 better
27th November 2012, 01:19 AM |#10  
NYLimited's Avatar
OP Recognized Contributor
Flag 40.75659° N 73.98626° W
Thanks Meter: 2,172
 
Donate to Me
More
Quote:
Originally Posted by coohdeh

like 1 better

Agreed. I guess I really didn't need the 3rd placeholder after all.


---
Spes in virtute est. (via XDA app)
29th November 2012, 08:59 PM |#11  
NYLimited's Avatar
OP Recognized Contributor
Flag 40.75659° N 73.98626° W
Thanks Meter: 2,172
 
Donate to Me
More
This article is just over a year old but still makes good reading if you haven't seen it yet.

Quote:

Few people would willingly carry around a device that tracks their movements, records their conversations, and keeps tabs on all the people they talk to. But, according to documents recently released by the American Civil Liberties Union, cell phone companies are doing all of that -- and may be passing the information on to law enforcement agencies.

"Retention Periods of Major Cellular Service Providers," an August 2010 document produced by the Department of Justice, outlines the types of information collected by various cell phone companies, as well as the amount of time that they retain it. On some levels, this is reassuring: Verizon (VZ) is the only company that holds on to text message content, and they erase it after 3-5 days. However, text message details -- the information about who you text with -- is retained for a minimum of a year, with some companies keeping it for up to seven years. In other words, that little back-and-forth you had with Bernie Madoff back in 2007 will be on the books until 2014.

Complete article is here

Post Reply Subscribe to Thread

Tags
privacy noob password

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes