This is an interesting tutorial by zero1 over at HackBB.
i'm not much for writing tutorials, and i'm not sure whether this should go under the mobile phones section, privacy, tutorial, or the newbie section, but with the recent revelations of IQ Carrier and seeing how most people on TOR tend to be a bit tinfoil hat oriented, i'd just like to do my part and share some info with the community and those who aren't already aware.
everything that follows is for android phones only. nothing should be thought of as 100% safe or guaranteed, and you should always do your own research.
1) if you haven't done it already, flash your fucking android and put Cyanogen Mod 7 on there. just rooting your phone isn't good enough. you need to flash it and get all that bullshit and bloatware off your phone. info on how to do this can be found at http://www.androidforums.com/
2) firewall your phone. Droidwall is a firewall based on iptables for linux. it will prevent data access to apps unless you specifically allow it. LBE Privacy Guard will limit access to specific functions for apps. for example, it will prevent apps that have no business requiring contact information or fine gps location from accessing said functions. LBE can also block apps from requesting IMEI info. both work very nicely with each other. LBE Privacy Guard does NOT prevent your carrier from accessing your location. it only prevents the apps you define from accessing the gps function, as well as almost any other function you choose. more information is available by searching the android market.
3) apply encryption and security to calls & texts. Redphone is an end-to-end encrypted VOIP app and TextSecure is an encrypted (you guessed it) app for texting. in order for these to work, the person you are trying to call or text must have the apps installed on their phone as well, so it's not good for calling house phones or any other phones besides other androids, really. i believe apple blocked redphone from their app store so that's just one more reason why apple sucks. both apps were written by moxie marlinspike and the guys over at whisper systems. there's also another app by the guardian project for secure texting called Gibberbot that's definitely worth checking out. more info is available in the android market or by visiting http://www.whispersys.com/ (or guardianproject.info for gibberbot)
4) delete exif data and obfuscate pictures. ObscuraCam by the guardian project can do just that. you can import pictures into ObscuraCam or you can use this app to take pictures with. it can remove exif data and it can pixelate faces to prevent facial recognition. (for those who don't already know, exif data is identifying metadata embedded in pictures such as gps location, timestamps, phone make/model, etc. exif data exists on all pictures taken with digital cameras, not just phones). more info can be found in the android market or at https://www.guardianproject.info
5) orbot is TOR for android and orweb is the accompanying browser. if you didn't already know this, then you obviously don't visit the TOR website enough. orbot works well with tethering and will allow you to surf anonymously even if you don't have TOR on your computer. not sure how secure it is compared to regular TOR, and i certainly wouldn't recommend doing anything too serious over your phone since your phone is basically a self imposed bug in your pocket, but if necessary, it's better than the nothing. more info: the tor website or guardianproject.info
i'm not much for writing tutorials, and i'm not sure whether this should go under the mobile phones section, privacy, tutorial, or the newbie section, but with the recent revelations of IQ Carrier and seeing how most people on TOR tend to be a bit tinfoil hat oriented, i'd just like to do my part and share some info with the community and those who aren't already aware.
everything that follows is for android phones only. nothing should be thought of as 100% safe or guaranteed, and you should always do your own research.
1) if you haven't done it already, flash your fucking android and put Cyanogen Mod 7 on there. just rooting your phone isn't good enough. you need to flash it and get all that bullshit and bloatware off your phone. info on how to do this can be found at http://www.androidforums.com/
2) firewall your phone. Droidwall is a firewall based on iptables for linux. it will prevent data access to apps unless you specifically allow it. LBE Privacy Guard will limit access to specific functions for apps. for example, it will prevent apps that have no business requiring contact information or fine gps location from accessing said functions. LBE can also block apps from requesting IMEI info. both work very nicely with each other. LBE Privacy Guard does NOT prevent your carrier from accessing your location. it only prevents the apps you define from accessing the gps function, as well as almost any other function you choose. more information is available by searching the android market.
3) apply encryption and security to calls & texts. Redphone is an end-to-end encrypted VOIP app and TextSecure is an encrypted (you guessed it) app for texting. in order for these to work, the person you are trying to call or text must have the apps installed on their phone as well, so it's not good for calling house phones or any other phones besides other androids, really. i believe apple blocked redphone from their app store so that's just one more reason why apple sucks. both apps were written by moxie marlinspike and the guys over at whisper systems. there's also another app by the guardian project for secure texting called Gibberbot that's definitely worth checking out. more info is available in the android market or by visiting http://www.whispersys.com/ (or guardianproject.info for gibberbot)
4) delete exif data and obfuscate pictures. ObscuraCam by the guardian project can do just that. you can import pictures into ObscuraCam or you can use this app to take pictures with. it can remove exif data and it can pixelate faces to prevent facial recognition. (for those who don't already know, exif data is identifying metadata embedded in pictures such as gps location, timestamps, phone make/model, etc. exif data exists on all pictures taken with digital cameras, not just phones). more info can be found in the android market or at https://www.guardianproject.info
5) orbot is TOR for android and orweb is the accompanying browser. if you didn't already know this, then you obviously don't visit the TOR website enough. orbot works well with tethering and will allow you to surf anonymously even if you don't have TOR on your computer. not sure how secure it is compared to regular TOR, and i certainly wouldn't recommend doing anything too serious over your phone since your phone is basically a self imposed bug in your pocket, but if necessary, it's better than the nothing. more info: the tor website or guardianproject.info