

Spy Agencies Scour Phone Apps for Personal Data - rst
http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html

======
hackoder
If you're using Android, I'd highly recommend using a combination of XPrivacy
[1] and Android Firewall [2] (iptables frontend).

To make your life easier, disallow everything from accessing the net in
Android Firewall. Then, for those apps which you've allowed net access,
further tweak what they're allowed to access in XPrivacy. As a rule, turn off
account info, clipboard, location, contacts, and storage.

Not perfect, but a decent solution.

[1] [https://github.com/M66B/XPrivacy](https://github.com/M66B/XPrivacy)

[2]
[https://play.google.com/store/apps/details?id=com.jtschohl.a...](https://play.google.com/store/apps/details?id=com.jtschohl.androidfirewall)

~~~
throwawayXYZZY
Also, put a lock screen on your phone and never let anyone use/borrow it even
temporarily because if someone installs an accessibility service, it is game
over for your privacy in most apps regardless of whether the network traffic
is encrypted.

------
mturmon
Illustrating that people who audit apps to see what they are sharing are not
being too paranoid at all.

------
sentenza
And yet another reason why my next phone is going to be a Jolla:

In the future, I want to be able to run wireshark on my phone.

~~~
CSDude
You can currently do it in Android with standard tcpdump

------
001sky
Hmmm. Exploiting the weak(est) link of trust. In any chain of friends or
business associates. Have to say, it's by the book.

