Although it’s true that Android devices are a little more susceptible to malware attacks than iOS, the situation isn’t nearly as bad as Cook & Co. would have you believe. Yes, Android’s a wee bit insecure, but using a little bit of nous and a healthy dollop of common sense, you can make your device impervious to dastardly assaults on its dignity (and your bank account).
Yes, Android lock screens seem to be about as secure as Sony’s Playstation Network. But still, a lock screen of some description provides at least some security against casual attacks.
You get a bunch of different options for your lock screen security — pattern, pin, password and Face Unlock, on stock Android at least. Of those, password is the most faff, but also the most secure. Pin is technically more bits of entropy than pattern (theoretically, at least), but let’s be honest, no one is really going to sit there are try 10^1234123413412124123 different possibilities for your pin, are they? Sadly, pattern, while being quite cool, leaves you vulnerable to smudge attacks, which some very bored researchers proved have a 68 per cent chance of working in ‘ideal’ conditions.
But no matter what security measure you choose, it’s still gonna be better than no password at all, and it’ll stop most casual attacks. It’s worth the one second of inconvenience 50 times a day, honestly.
Same as on a Windows machine, some kind of anti-virus software is handy. You may have noticed that everyone’s been talking about BadNews recently, a fairly horrific piece of malware that infested systems through an ad service, and sent premium-rate SMS messages in order to gain its designers money. It was discovered by security firm Lookout, and (unsuprisingly) according to them, users of its product would’ve been protected against the malware.
There’s a fair few anti-malware apps out there, many of them free; we’d recommend the aforementioned Lookout, AVG or Avast. Mostly, they’ll watch out for malicious code, check installed apps against a database of naughtiness, and generally protect your phone when you subject it to your dodgy taste in Russian fetish sites.
It’s annoying, but true. Caching passwords, while incredibly handy, is also a godsend to nefarious phone-nicking youths. Recently, we received a review device here at Giz that had a bunch of previous passwords from an unnamed previous user — we had logins to his emails, social media accounts, everything. For an identity thief (or dickhead who likes screwing with people), that’s the jackpot. Of course, security measures like lock screens help, but the only foolproof method of protecting those passwords is not to save them. (Oh, and turn on two-factor authentication while you’re at it.) Generally, the apps that save passwords most are you internet browser — Chrome, in other words.
If you’ve made the (sensible) choice to root your Android device, you’ll need to be extra-careful about security. Rooting a phone allows apps to run with ‘root access’, outside the normal checks and balances introduced by Android. A malicious app with root access would be dangerous — able to do basically anything to your phone, without your knowledge (and this, kiddies, is why phones don’t come rooted out of the box).
Now, that shouldn’t put you off rooting. Rather, you need to be slightly more proactive about managing apps on your phone. When you rooted, you probably installed SuperSU or Superuser, which allows you to grant programs root access, and view which programs have been actually using their root priviledge. Be extremely careful about which apps you grant superuser permission to; only give it to trusted apps from trusted sources. It’s also worth going back through the list every now and again, to clear out any unnecessary guff.
One of the most common methods of infection on Android is downloads of dodgy apps. An anti-malware program, as mentioned above, will provide one layer of defence against dodgy apps, by flagging up anything malicious-looking.
Of course, the best protection is common sense. Thanks to Google, most apps in the Android app store are pretty clean, and the danger comes from attacks like the BadNews exploit discovered by Lookout, which infected otherwise-ok apps through the advertising system. Either way, big-name apps are more likely to be secure; installing apps from third-party sources will always be dangerous, and ultimately comes down to how naive/trusting you are.
To get on-the-spot news, app tips and the full lowdown on Samsung’s latest mobile announcements check out Samsung’s Your Mobile Life over here.