Skip to content
Published April 16, 2018

Is there such a thing as privacy any more?  The Facebook data leak of 2018 might make it look impossible to maintain effective security and privacy on your Gemini, but with a little time and effort spent you can quite effectively create a device that doesn’t leak all manner of personal data about you.

To start looking at privacy on Android it’s necessary to consider what data about you is regularly broadcast from your device.  This begins with your installed apps.  Every time you install an app from the Google Play Store it will ask for permissions.  The total range of permissions it could seek are extensive, and can cover everything from accessing your photos and personal identity information, to modifying Android system settings.

Android is also constantly sharing your location with Google’s servers.  This can be extremely useful, especially if you use mapping a lot, or for helping trace your missing Gemini if it is lost or stolen.  Google also use access to your personal information to serve you targeted adverts.

It’s possible to manage your privacy and security on Android however, though it’s worth noting that really aggressively managing security can affect the experience you can have with some apps and services.  For more on this see my Creating a Black Edition Gemini at the bottom of this article.

Choose Your Apps Carefully

It’s true that a great many apps in the Google Play Store are free, but what does free really mean?  It might mean they just offer in-app purchases, or it could mean that they server adverts to you, or want information about you.  This information, which we all freely give away can be legally sold to third-parties in many parts of the world, so you could be giving away a lot more than you realised.

Choosing the apps you install therefore is crucial.  You can decide that any app that requires access to your identity or photos/media/files is a step too far and refuse to install any of those your device.

Managing App Permissions

There are two ways to manage app permissions in Android.  The first is to open Apps from the Settings panel.  This will display a list of all the installed apps on your device.  Touching an app name opens the detailed information about it, including what permissions it has been given.

You can then touch the Permissions section to change the permissions available for that app, though do bear in mind that some apps will stop working, or not function correctly unless it has the permissions it requires.  This could mean that an app is hard-wired to not function if you deny it access to your contacts (which is a bad example of an app) or you have a file manager app that won’t function if you deny it access to the Gemini file system (which is more understandable).

You can be as thorough as you want when removing permissions, as if an app really does need a specific permission in order to function or run, it will tell you the next time you start it and give you the option to activate that permission again.

The second way to manage apps involves searching in Settings for permissions.  This displays an App permissions panel with a wide range of available options.

  • Opening links displays a list of apps that are allowed to open links to websites in your browser.  You can disable this for individual apps, or for the whole device.
  • Assist and voice input is where you control the voice assistant (Google Assistant by default) that you use with your Gemini, including whether the Gemini can use voice input
  • Home app is where you can choose which “launcher” is used for your Home Screen
  • Browser app is where you can choose the default web browser
  • Phone app is where you can choose the default phone app
  • SMS app is where you can choose the default SMS messaging app
  • Special access contains additional settings
    • Device administrators lets you select what apps have full administrator access on the Gemini.  Normally this is just anti-malware and anti-theft apps such as Google’s Find my device service.
    • Modify system settings is where you can see and change which apps have permission to change core system settings on the Gemini.
    • Notification access lets you see if any apps, such as a digital assistant, have permission to access your notifications.
    • Premium SMS access is where you can see if any apps have permission to send premium-rate SMS text messages.
    • Unrestricted data access is where you can see if any apps have permission to use unrestricted data on the device.
    • Usage access contains a list of apps that have permission to access your Gemini device and battery usage data.

Managing Your Google Security

Opening the Google panel in Settings allows you to see and manage the privacy and security settings you have associated with your Google, and therefor your Gemini account.

  • Sign-in & security contains settings associated with your Google password, if two-step verification is set up (which is always a good idea), and what phone number and email address can be used as security backup if you’re ever locked out of your account.  You can also use this panel to review security information, and see what if any apps have access to your Google account.
  • Personal info & privacy is where you can see the data about you associated with your Google account.  This includes your name, date of birth, gender, phone number and email address.  You can also use this panel to see if you are sharing location data with contacts in your Google account (and possibly the sider world), and what the activity record is on your Google account.
  • Account preferences is where you can manage the credit card associated with the Google Play Store, any subscriptions you have to Google services, and it’s also where you can delete individual services (such as Gmail or YouTube) from your Google account.

There are additional services offered in the Google settings panel covering subjects such as your opting in / or out of being served targeted adverts, Android Auto if your car supports it, and integration with third-party fitness and other devices.

Maintaining Good Security

It’s not too difficult to maintain good security on your Gemini, and you can do so by following these simple rules…

  • Keep Android and your Apps up to date, it’s vital to make sure that you do not disable the default automatic updating of either the Android operating system, or your installed apps through the Play Store.  Security vulnerabilities can appear that need to be patched in order for your Gemini to remain secure.
  • Only allow app installs from the Play Store, it’s possible to easily enable developer options in Android that allow you to perform functions including side-loading apps from various sources.  The Google Play Store has apps tested for security and stability.  If you install apps from another source you risk undermining the security of your device.
  • Download an Anti-Malware app, I’m including this as it can be useful, but it’s not massively necessary so long as you only install apps from the Play Store, and are careful with what permissions you allow apps to have.  They can have useful extra features though such as anti-theft functions.
  • Don’t connect to public Wi-Fi networks unless you really have to.  Your Gemini might appear visible to other devices on that network and therefore it could become vulnerable to hacking or data theft.  Additionally, technical information about your handset could be leaked across an unsecure network.
  • Use a Password manager, again this is optional as Android contains a perfectly respectable password manager.  Passwords should be at least twelve characters in length, and contain different types of symbols and numbers.  You can view my video on how to create secure password online HERE.  Password Managers though can integrate directly with Android and your web browser, and can contain additional functionality such as allowing you to easily create very long and super-secure passwords.  To test your own password strength, visit www.HowSecureIsMyPassword.net.
  • Use Two-Factor Authentication with all the accounts that support it.  This includes Google, Microsoft and more.  Two-Factor Authentication uses a second security method, such as an SMS text message or email, to authenticate if you really do want to sign into an account for the first time on a new device.  Two-Factor Authentication can help prevent hacking and fraud on your accounts.
  • Set a Screen Lock and Password on your Gemini by opening Security in the Settings panel, and specifying if you want to use a swipe (not recommended), pattern lock, PIN, or full password to unlock your Gemini.  You can also lock the SIM card, so that if another SIM is inserted into the Gemini the device will lock completely (though this isn’t so useful if you travel a lot).
  • Set up Smart Lock, these are a series of functions that allow you to use your Gemini’s camera to unlock the device, or to have it automatically unlock when you are connected to a specific Wi-Fi network (such as home or the office), or when you have a trusted device connected to it by Bluetooth, such as a smartphone.
  • Use a VPN with your Gemini when connecting to Wi-Fi networks.  A VPN (Virtual Private Network) is a subscription service that masks the data sent from, and received by your Gemini by bouncing it around a few different servers around the world.  VPNs can increase the amount of data you use, and slow your connection speed, but they do offer additional security, especially if you find yourself having to connect to an open Wi-Fi network.

Creating a Black-Edition Gemini

At the beginning of this article I mentioned something called a Black Edition Gemini.  The term Black Edition is widely used to describe a super-secure mobile device.  Sometimes specific smartphones and mobile devices come on the market claiming to be highly secure, and they can include features such as hardware encryption of data, and an in-built VPN.

It’s possible to create your own Black Edition Gemini however with a few simple rules, and you might want to do this if you use your Gemini for particularly sensitive work, such as research, or some government role.

All of the suggestions and tools I have detailed above will apply, but additionally you should not install any apps from the Store unless they are absolutely critical to what you do.  In fact it’s possible to use the Gemini completely offline without a Google account at all.

You should also not store any files or information on a MicroSD card, as this could be removed from the device, and won’t be encrypted by the Gemini or Android.

A VPN (Virtual Private Network) should be configured to be permanently on.  You can search for VPN in the Settings panel, to get access to any installed VPN software on your device.

The rule with creating a Black Edition Gemini is that any data leakage is bad data leakage, so a convincingly configured Black Edition device would only have a few mission-critical apps installed, have all communications encrypted using a VPN, have any communications with the Internet and the outside world kept to a minimum, and would have extremely long and super-secure passwords set.

Read more about creating a Black Edition Gemini PDA.

 

One Comment

  1. Rogalian Rogalian

    Black Edition: remove ALL Google services!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: