4 - Securing your apps, software and internet services

Location settings

These settings may change with new updates.

How to secure your Android phone

Switch off Wireless and GPS location (under Location Services) and mobile data (this can be found under Settings -> Personal -> Location).

Note: Only turn on location settings as you need them. It is important to have these services turned off by default as this will reduce the risk of location tracking, save battery power and reduce unwanted data streams initiated by applications running in the background or remotely by your mobile carrier. (Taken from: https://securityinabox.org/en/guide/basic-setup/android)

See Turn Off Location Services through Settings

How to secure your iPhone

Switch off Wireless and GPS location:

Settings > Privacy > Location Services and either turn off all Location Services using the Location Services slider or use the individual sliders for each location-aware app or item on your device. To disable Location Services for all websites, turn off Location Services for the Safari app.

See How to Turn Off Location Services on iOS

Managing what applications can access on your phone

Many apps use information on your phone after they have been installed. Usually, the app will ask you for permission to use data such as your e-mail address, address book, and photos. If you are trying to stay private it is best that you do not allow these apps to access your information.

The applications which are offered in the official online store are, supposedly, verified by store owners (Google or Apple), but in reality this provides weak protection against what applications will do after being installed on your phone. For example, some applications may copy and send out your address book after they are added.

On Android phones, each application needs to request what it will be permitted to do when it is in use. This happens during the installation process. You should pay close attention to what permissions are requested, and if these permissions make sense for the function of the app you are installing. For example, if you are considering a "newsreader" application and you find out that it requests the rights to send your contacts to a third party, you should look for alternative applications with appropriate access and rights.

Google collects a lot of accurate data and information from its users, such as location and other personal details. This means that it is advisable to protect your data from Google, if you use Gmail or Google+ or even if you have an Android phone and download apps from the Google Play Store. When you download an app from the Play Store, you allow the app to view and use your information however it wants to.

Some users may want to consider these alternative sites to minimize online contact with Google. One of the alternative stores is F-Droid ('Free Droid'), which only provides FOSS applications. However please remember that you should always trust a site before you download any apps from it. For inexperienced users, we recommend that you use the Google Play Store.

A few tools for securing voice communication

Voice over Internet Protocol

Voice over Internet Protocol (VoIP) is generally free or inexpensive to use, although it requires heavy amounts of data usage and a reliable internet connection to work most efficiently. All parties need to have the application or software installed on their device. In general, they leave few data traces and, if secured, can be one of the safest ways to communicate.

Signal by Open Whisper Systems is a free and open-source encrypted voice calling and instant messaging application for Android, iOS and Desktop. It uses end-to-end encryption to secure all communications to other Signal users. Signal can be used to send and receive encrypted instant messages, group messages, attachments and media messages. Users can independently verify the identity of their messaging correspondents by comparing key fingerprints. See How to Initiate an Encrypted Call using Signal on Android as well as iPhone.

Signal Private Messenger - Android Apps on Google Play Signal - Private Messenger on the App Store - iTunes - Apple Signal for Desktop Security Tips Every Signal User Should Know

Skype The most popular commercial Voice over Internet Protocol (VoIP) application, Skype, is available for all smartphone platforms. Skype alone is not considered the most secure form of VoIP communication, but when used in conjunction with a Virtual Private Network (VPN), its security increases considerably. For options that are considered secure without the use of a VPN, see below.

Other VoIP tools

• Open Secure Telephony Network (OSTN) and the server provided by the Guardian project, ostel.co, currently offers one of the most secure means to communicate via voice. Knowing and trusting the entity that operates the server for your VoIP communication needs is an important consideration.
• Talky.io, Appear.in and JitsiMeet are all simple to use, secure VoIP options.
• CSipSimple is a powerful VoIP client for Android phones that is well maintained and comes with many easy set-up wizards for different VoIP services. When using CSipSimple, you never directly communicate with your contact, instead all your data is routed through the Ostel server. This makes it much harder to trace your data and find out who you are talking to. Additionally, Ostel doesn't retain any of this data, except the account data that you need to log in. All of your speech is securely encrypted and even your metadata, which is usually very hard to disguise, is blurred since traffic is proxied through the ostel.co server. If you download CSipSimple from ostel.co it also comes preconfigured for use with Ostel, which makes it very easy to install and use.

To Encrypt Your Device See Advanced Smartphone Security