Hopefully, this series has awakened some to the need to adjust security settings, without launching into full blown paranoia. We do need a wake up call, but there’s no need for panic. The series has covered quite a bit of territory. But there are a few basics we need to look at, some fairly important.
You’re installing from where?
Android has a setting under the security settings that’s labeled “Unknown Sources.” It’s described as allowing “installation of apps from sources other than the Play Store.” If you install or try apps from places like the Amazon Appstore or maybe beta testing apps from a trusted developer, the tendency is to leave that setting on. These are trustworthy sources. And, frankly, it can be annoying to have to have to turn it on, then off again when we’re done. But let’s opt for a little aggravation in the name of security.
The “Unknown Sources” setting is big enough to drive an eighteen wheeler full of malware through. And it’s out of sight. So, if left open, it’s an easy way for hackers to get malware onto our devices. And, although systems and OSes other than Android have different ways to install from alternative sources, it’s still a “backdoor” we want to keep closed except when needed.
You’re looking for what?
Google Now does a number of handy things. It brings up Google search, a variety of user settable info cards, and a set of story links matched to your previous activities from our devices. There’s also voice search. We’re not going to see malware come in from there, but it can be a solid way for someone to gain more info about us.
If I go on Facebook and Google+ talking about a particular type of tech and my searches are mostly for that same tech area, my Google Now feed will reflect that. And I can include a card with my Google Calendar. Anyone looking at my screen can learn more about me from all that. With Android Marshmallow, there’s a setting section labeled “Google” where we can find many of the settings. That Includes the ones for “Search and Now” as well as ad settings and a bunch of others that we should at least personally examine, maybe change.
Among those “Google” settings is one marked “Location.” It’s easy enough to shut off GPS. That saves a bit of battery too. But then, if an app needs location, it can still come within a broader area by using the info from the cell tower we connect to. The “Location” setting section lists the apps that have permission to access your location info. There may be some that you feel don’t need that turned on. It’s worth checking.
If we want to be more sure of not sharing our past locations, we want to turn off the location setting for our camera app(s). If it’s included in our photo metadata, it’s easy enough for strangers to get from our publicly posted pictures.
You checked that how long ago?
There’s a couple of habits we need to make our “new normal.” One is to have a regular schedule for checking app permissions and our security settings. Whether it’s our computer or our phone, updates may change some of the settings we manually tweaked. And, if something carrying malware snuck into one of our trusted sources, the update could change important settings without announcing that fact, leaving us unaware that we’re now vulnerable.
Another “best practice” is to consistently make sure our apps and OS are up to date. We tend to think of updates as adding new features or improving performance. But those updates very often include or are solely to patch security issues. So, if we’re lax about updating, we make ourselves more vulnerable.
There’s another good reason for updating regularly. I’ve had computers that I replaced that were still usable. Often, they’d just be stored away “just in case.” And there’d be the eventual time when we envisioned a use for our hardware. Whether tablet, phone, or computer, one of two things would happen. It might not update at all because of there being too much difference between the existing OS and what it needed to be updated to. Or I’d have to keep restarting the update process because there’d be a few crashes in the process. Both problems can be avoided by updating regularly.
If you leave it, wipe it!
Our last header says it all. That’s the advice, straight from Google. We all tend to put a lot of information into our phones, tablets, and laptops. Things that, in the wrong hands, could lead to identity theft and real financial hassles. So, we need to be able to destroy that information if it might be in the hands of people whose honesty might be in question. There are either built in settings or third party apps to do that. We’ve previously discussed regularly backing up our devices. If we do that as a habit and get our device back, a full wipe might lose the most recent data, but it won’t lose everything. We can reinstall and restore.
That’s it for our series, but there’s always more to learn. We’re not looking to create paranoia. But using wisdom and having the right info and mindset will allow us to keep what’s ours instead of involuntarily sharing it. Those barn doors closing after the horse is out can be a tech reality. What are you doing to stay tech safe?