Difference between revisions of "10 Kiat Mengamankan Smartphone"
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
Line 11: | Line 11: | ||
As for other major vendors, Android Authority, the leading Android publication, found, the best vendors for keeping their phones up to date were, in order, from best to worse: LG, Motorola, HTC, Sony, Xiaomi, OnePlus, and Samsung. | As for other major vendors, Android Authority, the leading Android publication, found, the best vendors for keeping their phones up to date were, in order, from best to worse: LG, Motorola, HTC, Sony, Xiaomi, OnePlus, and Samsung. | ||
− | + | ==Lock your phone== | |
I know, it's so simple. But, people still don't do it. Trust me. You're more likely to get into trouble by a pickpocket snatching your phone and running wild with your credit-card accounts than you from malware. | I know, it's so simple. But, people still don't do it. Trust me. You're more likely to get into trouble by a pickpocket snatching your phone and running wild with your credit-card accounts than you from malware. | ||
Line 17: | Line 17: | ||
What's the best way to lock your phone? Well, it's not sexy, but the good old PIN remains the safest way. Fingerprints, patterns, voice-recognition, iris scanning, etc. -- they're all more breakable. Just don't, for the sake of Android Oreo cookies, use 1-2-3-4, as your PIN. Thank you. | What's the best way to lock your phone? Well, it's not sexy, but the good old PIN remains the safest way. Fingerprints, patterns, voice-recognition, iris scanning, etc. -- they're all more breakable. Just don't, for the sake of Android Oreo cookies, use 1-2-3-4, as your PIN. Thank you. | ||
− | + | ==Use two-factor authentication== | |
While you're securing your phone, let's lock down your Google services as well. The best way of doing this is with Google's own two-factor authentication. | While you're securing your phone, let's lock down your Google services as well. The best way of doing this is with Google's own two-factor authentication. | ||
Line 27: | Line 27: | ||
You can also make this even simpler by using Google Prompt. With this you can authorize Google apps by simply entering "yes" when prompted on your phone. | You can also make this even simpler by using Google Prompt. With this you can authorize Google apps by simply entering "yes" when prompted on your phone. | ||
− | + | ==Only use apps from the Google Play Store== | |
Seriously. The vast majority of Android malware comes from unreliable third party application sources. Sure, bogus apps make it into the Google Play Store from time to time, like the ones which messaged premium-rate text services, but they're exception, not the rule. | Seriously. The vast majority of Android malware comes from unreliable third party application sources. Sure, bogus apps make it into the Google Play Store from time to time, like the ones which messaged premium-rate text services, but they're exception, not the rule. | ||
Line 33: | Line 33: | ||
Google has also kept working on making the Play Store safer than ever. For example, Google Play Protect can automatically scan your Android device for malware when you install programs. Make sure it's on by going to Settings > Security > Play Protect. For maximum security, click Full scanning and "Scan device for security threats" on. | Google has also kept working on making the Play Store safer than ever. For example, Google Play Protect can automatically scan your Android device for malware when you install programs. Make sure it's on by going to Settings > Security > Play Protect. For maximum security, click Full scanning and "Scan device for security threats" on. | ||
− | + | ==Use device encryption== | |
The next person who wants to snoop in your phone may not be a crook, but a US Customs and Border Protection (CBP) agent. If that idea creeps you out, you can put a roadblock in their way with encryption. That may land you in hot water with Homeland Security, but it's your call. | The next person who wants to snoop in your phone may not be a crook, but a US Customs and Border Protection (CBP) agent. If that idea creeps you out, you can put a roadblock in their way with encryption. That may land you in hot water with Homeland Security, but it's your call. | ||
Line 41: | Line 41: | ||
By the way, the CBP also states "border searches conducted by CBP do not extend to information that is located solely on remote servers." So, your data may actually be safer in the cloud in this instance. | By the way, the CBP also states "border searches conducted by CBP do not extend to information that is located solely on remote servers." So, your data may actually be safer in the cloud in this instance. | ||
− | + | ==Use a Virtual Private Network== | |
If you're on the road -- whether it's your local coffee shop or the remote office in Singapore -- you're going to want to use free Wi-Fi. We all do. We all take big chances when we do since they tend of be as secure as a net built out of thread. To make yourself safer you'll want to use a mobile Virtual Private Network (VPN). | If you're on the road -- whether it's your local coffee shop or the remote office in Singapore -- you're going to want to use free Wi-Fi. We all do. We all take big chances when we do since they tend of be as secure as a net built out of thread. To make yourself safer you'll want to use a mobile Virtual Private Network (VPN). | ||
Line 47: | Line 47: | ||
In my experience, the best of these are: F-Secure Freedome VPN, KeepSolid VPN Unlimited, NordVPN, Private Internet Access, and TorGuard. What you don't want to do, no matter how tempted you may be, is to use a free VPN service. None of them work worth a darn. | In my experience, the best of these are: F-Secure Freedome VPN, KeepSolid VPN Unlimited, NordVPN, Private Internet Access, and TorGuard. What you don't want to do, no matter how tempted you may be, is to use a free VPN service. None of them work worth a darn. | ||
− | + | ==Password management== | |
When it comes to passwords, you have choices: 1) use the same password for everything, which is really dumb. 2) Write down your passwords on paper, which isn't as bad an idea as it sounds so long as you don't put them on a sticky note on your PC screen; 3) Memorize all your passwords, not terribly practical. Or, 4) use a password management program. | When it comes to passwords, you have choices: 1) use the same password for everything, which is really dumb. 2) Write down your passwords on paper, which isn't as bad an idea as it sounds so long as you don't put them on a sticky note on your PC screen; 3) Memorize all your passwords, not terribly practical. Or, 4) use a password management program. | ||
Line 53: | Line 53: | ||
Now Google comes with one built-in, but if you don't want to put all your security eggs in one cloud basket, you can use other mobile password management programs. The best of the bunch are: LastPass, 1Password, and Dashlane. | Now Google comes with one built-in, but if you don't want to put all your security eggs in one cloud basket, you can use other mobile password management programs. The best of the bunch are: LastPass, 1Password, and Dashlane. | ||
− | + | ==Use anti-virus software== | |
While Google Play Protect does a good job of protecting your phone, when it comes to malware protection I believe is using a belt and suspenders. For my anti-virus (A/V) suspenders, I use Germany's AV-TEST, an independent malware detection lab, results as my guide. | While Google Play Protect does a good job of protecting your phone, when it comes to malware protection I believe is using a belt and suspenders. For my anti-virus (A/V) suspenders, I use Germany's AV-TEST, an independent malware detection lab, results as my guide. | ||
Line 59: | Line 59: | ||
So, the best freeware A/V program today is Avast Mobile Security & Antivirus. It's other security features, like its phone tracker, doesn't work that well, but it's good at finding and deleting malware. The best freemium A/V software is Norton Mobile Security. All its components work well and if you elect to go for the full package, it's only $25 for 10 devices. | So, the best freeware A/V program today is Avast Mobile Security & Antivirus. It's other security features, like its phone tracker, doesn't work that well, but it's good at finding and deleting malware. The best freemium A/V software is Norton Mobile Security. All its components work well and if you elect to go for the full package, it's only $25 for 10 devices. | ||
− | + | ==Turn off connections when you don't need them== | |
If you're not using Wi-Fi or Bluetooth, turn them off. Besides saving some battery life, network connections can be used to attack you. The BlueBorne Bluetooth hackers are still alive, well, and ready to wreck your day. Don't give it a chance. | If you're not using Wi-Fi or Bluetooth, turn them off. Besides saving some battery life, network connections can be used to attack you. The BlueBorne Bluetooth hackers are still alive, well, and ready to wreck your day. Don't give it a chance. | ||
Line 65: | Line 65: | ||
True, Android was patched to stop this attack in its September 2017 release. Google's device family got the patch and Samsung deployed it. Has your vendor protected your device yet? Odds are they haven't. | True, Android was patched to stop this attack in its September 2017 release. Google's device family got the patch and Samsung deployed it. Has your vendor protected your device yet? Odds are they haven't. | ||
− | + | ==If you don't use an app, uninstall it== | |
Every application comes with its own security problems. Most Android software vendors do a good job of updating their programs. Most of them. If you're not using an application, get rid of it. The fewer program doors you have into your smartphone, the fewer chances an attacker has to invade it. | Every application comes with its own security problems. Most Android software vendors do a good job of updating their programs. Most of them. If you're not using an application, get rid of it. The fewer program doors you have into your smartphone, the fewer chances an attacker has to invade it. | ||
If you follow up with all these suggestions, your phone will be safer. It won't be perfectly safe -- nothing is in this world. But, you'll be much more secure than you are now, and that's not a small thing. | If you follow up with all these suggestions, your phone will be safer. It won't be perfectly safe -- nothing is in this world. But, you'll be much more secure than you are now, and that's not a small thing. |
Revision as of 15:36, 24 March 2018
Smartphone yang paling aman adalah smartphone Android. Jangan beli itu? Versi terbaru Apple dari iOS 11 sudah berhasil di crack dalam waktu sehari - satu hari! - setelah dirilis.
Jadi Android itu sempurna? Tentu saja TIDAK! Android berada di dalam serangan terus menerus dan versi lama jauh lebih rentan daripada yang baru. Terlalu banyak vendor smartphone masih tidak mengeluarkan patch keamanan bulanan Android secara tepat waktu, atau malah sama sekali tidak mengeluarkan patch. Dan, serangan zero-day masih muncul.
Jadi, apa yang dapat anda lakukan untuk melindungi diri sendiri? Sebenarnya banyak. Berikut adalah 10 cara terbaik untuk menjaga anda dan perangkat Android anda agar aman dari serangan. Banyakkan sebetulnya cukup sederhana, tetapi keamanan sebenarnya lebih tentang melakukan hal-hal yang aman daripada trik keamanan yang rumit.
Hanya beli smartphone dari vendor yang merilis patch Android dengan cepat
I recently got a Google Pixel 2. There were many reasons for this, but number one with a bullet was that Google makes sure its smartphones, such as the Pixel, the Pixel 2, Nexus 5X, and 6P get the freshest updates. This means they get the newest security patches as they're released.
As for other major vendors, Android Authority, the leading Android publication, found, the best vendors for keeping their phones up to date were, in order, from best to worse: LG, Motorola, HTC, Sony, Xiaomi, OnePlus, and Samsung.
Lock your phone
I know, it's so simple. But, people still don't do it. Trust me. You're more likely to get into trouble by a pickpocket snatching your phone and running wild with your credit-card accounts than you from malware.
What's the best way to lock your phone? Well, it's not sexy, but the good old PIN remains the safest way. Fingerprints, patterns, voice-recognition, iris scanning, etc. -- they're all more breakable. Just don't, for the sake of Android Oreo cookies, use 1-2-3-4, as your PIN. Thank you.
Use two-factor authentication
While you're securing your phone, let's lock down your Google services as well. The best way of doing this is with Google's own two-factor authentication.
Here's how to do it: Login-in to your Google account and head to the two-step verification settings page. Once there, choose "Using 2-step verification" from the menu. From there, follow the prompts. You'll be asked for your phone number. You can get verification codes by voice or SMS on your phone. I find texting easier.
In seconds, you'll get a call with your verification number. You then enter this code into your web browser's data entry box Your device will then ask you if you want it to remember the computer you're using. If you answer, "yes" that programs will be authorized for use for 30-days. Finally, you turn on 2-step verification and you're done.
You can also make this even simpler by using Google Prompt. With this you can authorize Google apps by simply entering "yes" when prompted on your phone.
Only use apps from the Google Play Store
Seriously. The vast majority of Android malware comes from unreliable third party application sources. Sure, bogus apps make it into the Google Play Store from time to time, like the ones which messaged premium-rate text services, but they're exception, not the rule.
Google has also kept working on making the Play Store safer than ever. For example, Google Play Protect can automatically scan your Android device for malware when you install programs. Make sure it's on by going to Settings > Security > Play Protect. For maximum security, click Full scanning and "Scan device for security threats" on.
Use device encryption
The next person who wants to snoop in your phone may not be a crook, but a US Customs and Border Protection (CBP) agent. If that idea creeps you out, you can put a roadblock in their way with encryption. That may land you in hot water with Homeland Security, but it's your call.
To encrypt your device, go to Settings > Security > Encrypt Device and follow the prompts.
By the way, the CBP also states "border searches conducted by CBP do not extend to information that is located solely on remote servers." So, your data may actually be safer in the cloud in this instance.
Use a Virtual Private Network
If you're on the road -- whether it's your local coffee shop or the remote office in Singapore -- you're going to want to use free Wi-Fi. We all do. We all take big chances when we do since they tend of be as secure as a net built out of thread. To make yourself safer you'll want to use a mobile Virtual Private Network (VPN).
In my experience, the best of these are: F-Secure Freedome VPN, KeepSolid VPN Unlimited, NordVPN, Private Internet Access, and TorGuard. What you don't want to do, no matter how tempted you may be, is to use a free VPN service. None of them work worth a darn.
Password management
When it comes to passwords, you have choices: 1) use the same password for everything, which is really dumb. 2) Write down your passwords on paper, which isn't as bad an idea as it sounds so long as you don't put them on a sticky note on your PC screen; 3) Memorize all your passwords, not terribly practical. Or, 4) use a password management program.
Now Google comes with one built-in, but if you don't want to put all your security eggs in one cloud basket, you can use other mobile password management programs. The best of the bunch are: LastPass, 1Password, and Dashlane.
Use anti-virus software
While Google Play Protect does a good job of protecting your phone, when it comes to malware protection I believe is using a belt and suspenders. For my anti-virus (A/V) suspenders, I use Germany's AV-TEST, an independent malware detection lab, results as my guide.
So, the best freeware A/V program today is Avast Mobile Security & Antivirus. It's other security features, like its phone tracker, doesn't work that well, but it's good at finding and deleting malware. The best freemium A/V software is Norton Mobile Security. All its components work well and if you elect to go for the full package, it's only $25 for 10 devices.
Turn off connections when you don't need them
If you're not using Wi-Fi or Bluetooth, turn them off. Besides saving some battery life, network connections can be used to attack you. The BlueBorne Bluetooth hackers are still alive, well, and ready to wreck your day. Don't give it a chance.
True, Android was patched to stop this attack in its September 2017 release. Google's device family got the patch and Samsung deployed it. Has your vendor protected your device yet? Odds are they haven't.
If you don't use an app, uninstall it
Every application comes with its own security problems. Most Android software vendors do a good job of updating their programs. Most of them. If you're not using an application, get rid of it. The fewer program doors you have into your smartphone, the fewer chances an attacker has to invade it.
If you follow up with all these suggestions, your phone will be safer. It won't be perfectly safe -- nothing is in this world. But, you'll be much more secure than you are now, and that's not a small thing.