Forgot your password?
typodupeerror
Android Cellphones Handhelds Security Wireless Networking IT

Ask Slashdot: How Can I Protect My Android Devices From Hackers? 295

Posted by timothy
from the farraday-cage-in-a-farraday-zoo dept.
SternisheFan writes "My Android phone (an unrooted OptimusV running 2.2.2) and my Android tablet (Arnova 7g3 running 4.1) have been subjected to hacking via either 'forced Bluetooth attack' or through the Wi-Fi signals in the home where I currently rent a room. I got an Android phone at the start of this year after my 'feature phone' was force Bluetooth hacked hoping for better security, yet I still have major security issues. For instance, my Optimus's Wi-Fi again shows an error, although I am sure that a hack is causing this since when I reset the device when it's out of range from this home's signal the Wi-Fi works fine. And now the tablet (as of recently) can't access this home's open Wi-Fi, though it works fine when at other outside hot-spots. So, my question is: Are there any good (free?) security apps out there that would actually prevent this from occurring? It's not like I'm doing nefarious things on the internet, I just want to keep it private."
This discussion has been archived. No new comments can be posted.

Ask Slashdot: How Can I Protect My Android Devices From Hackers?

Comments Filter:
  • open WiFi? (Score:5, Informative)

    by Anonymous Coward on Monday October 22, 2012 @12:20PM (#41729747)

    if you don't use bluetooth turn it off; as for wifi there are lots of reasons why it won't work (overcrowded airspace, microwaves that interfere, etc). If you are not using WPA2; then you need to upgrade. I would try changing the channel your wifi is on as well (e.g. if it is 6 now, go to 1 or 11)

    • Re:open WiFi? (Score:5, Insightful)

      by Anonymous Coward on Monday October 22, 2012 @12:48PM (#41730129)

      100%, absolutely, positively, this. There is no app out there that will effectively protect you from yourself -- and, make no mistake, it is you creating the problem. If you run around roaming from AP to AP, run unsecured at home (what?!), and leave your BT on even when not in use, you're gonna have a bad time.

      • Re: (Score:3, Insightful)

        by hawguy (1600213)

        100%, absolutely, positively, this. There is no app out there that will effectively protect you from yourself -- and, make no mistake, it is you creating the problem. If you run around roaming from AP to AP, run unsecured at home (what?!), and leave your BT on even when not in use, you're gonna have a bad time.

        What good is Bluetooth if I have to turn it on every time I want to use it and then turn it off again when I'm done? At work my phone pairs to a Bluetooth speaker, when I'm on the train it pairs to my Bluetooth headset, when I'm driving it pairs to my car audio system. If I have to mess with my phone to turn Bluetooth on and off each time I want to use it, I may as well just plug in a cable.

        • by mr1911 (1942298)

          What good is Bluetooth if I have to turn it on every time I want to use it and then turn it off again when I'm done?

          He said Bluetooth sucks. I don't think he is here to give you a sales pitch for it.

          I have yet to find a Bluetooth gadget that was worth the extra battery drain. YMMV.

          • From http://hassam.hubpages.com/hub/Types-Of-Bluetooth-Hacks-And-Its-Security-Issues [hubpages.com]

            1.Bluejacking 2.Bluesnarfing 3.Bluebugging 4.Bluetoothing Firstly let’s take a look into Bluejacking. In Bluejacking a hacker might send unsolicited messages to the victim in the form of a business card or a mobile contact with a text that may look intimidating to read. In many cases hacker may also send sounds like a ring tone. The victim’s mobile could then be infiltrated and he might never know what has hi

        • Because it's just so hard to add a widget to your homescreen that will turn your bluetooth on and off with just one touch. And as an added bonus, increased battery life. Is that so hard to understand?
          • Public service announcement: can people who don't use Bluetooth please refrain from telling those of us who do how to use it. We know how to use it, and you obviously don't, or you wouldn't make silly comments like "Put a widget on the screen to turn it on" (presumably next to the widget that predicts to the second when the next incoming call will come in.)

            Thank you.

  • Try.. (Score:5, Insightful)

    by mschoolbus (627182) <travisriley@@@gmail...com> on Monday October 22, 2012 @12:20PM (#41729751)
    Why don't you turn Bluetooth off until you need it?

    I am not convinced you are being 'hacked'.
    • Re:Try.. (Score:4, Insightful)

      by thsths (31372) on Monday October 22, 2012 @12:46PM (#41730099)

      Exactly. I would recommend to dial back the paranoia, not every bug is evidence of being hacked. Unfortunately the WiFi stack of Android is absolutely full of bugs, but most only cause a bad connection or a disconnect.

      That being said, Android 2.2 is way out of date, and you should not consider it secure in any sense of the word. Watch the information that you put on your phone, including login data. And there is nothing you can do about it, except complain to the manufacturer about it not being "fit for purpose".

      • Re:Try.. (Score:5, Informative)

        by Lumpy (12016) on Monday October 22, 2012 @01:15PM (#41730517) Homepage

        Knowing the phone and the OS level, It's not being hacked. it's the craptastic phone and out of Date OS.

        2.2.2 had MAJOR problems with wifi. the phone needs to be sold and buy a unlocked nexus from google.

        • Re:Try.. (Score:4, Informative)

          by Mister Transistor (259842) on Monday October 22, 2012 @01:51PM (#41731071) Journal

          I'll second this. I have an old crummy original 'drioid Motorola A855 and that still runs 2.2.3. There was never any further updates for it from .2 to .3 and the unsecured WiFi is completely unusable. It works passably on WEP and WPA2 but unsecured never worked right. If it ever would connect, it would time out or lock up after a few minutes of operation. Totally suck-tastic.

          • Re:Try.. (Score:4, Informative)

            by nevermore94 (789194) on Monday October 22, 2012 @02:09PM (#41731319)

            You have an original OG Droid and you are still complaining about it now? The phone is ancient and should have been replaced a long time ago. That being said, it is also completely unlocked and one of the easiest phones to upgrade the OS on. Check out Cyanogen Mod or Project Elite for a whole new experience on the phone and repurpose it as a useful WiFi based media device.
            http://www.droidforums.net/forum/project-elite/ [droidforums.net]
            http://rootzwiki.com/forum/205-projectelite/ [rootzwiki.com]
            http://www.cyanogenmod.com/devices/motorola-droid [cyanogenmod.com]

            • Thank you for that. I am going to do more reading up. Tried to 'root' from an Android site about 2 months ago, it wouldn't accept the final step. Programs WERE added to my Optimus V. Worse comes to worse, I'll buy a dupe and never let it out of my sight. This way no one can 'hard hack' it by connecting a computer device to the phones USB. A 'soft hack' via wireless can always be erased by doing a factory reset, from what I've learned. But a hard hack, if I knew how to undo that, I wouldn't have poste
        • Or he could install CM7.2 (everything works) or CM9 Beta (with no USB tethering), and unroot the device.

          • CM9 beta, huh? Like I've posted elsewhere here, this hard-hacked phone won't take the final step in the standard rooting procedure listed in Android Forums, I'll be trying all these things eventually. It's a quest!
    • by AmiMoJo (196126)

      The claims are truly dubious. I can't find any evidence of there being hacks available for the Optimus V or stock Android 2.2, and even if there were the phone is only discoverable for 60 seconds during which the attack would need to be launched.

      What was the result of this hack? Can the questioner provide any details?

      Basically as long as you only install apps from Google Play you should be fine. The problems with his home wifi sound like a router problem because clearly the phone can connect to other access

      • Re:Try.. (Score:5, Insightful)

        by Samantha Wright (1324923) on Monday October 22, 2012 @12:53PM (#41730187) Homepage Journal
        I've found at least one reliable citation [oberlin.edu]. Note: if, in the future, someone says their Wi-Fi is "showing an error" and equates this to "being hacked," they're completely clueless. This shouldn't be on Slashdot.
        • Not so. Other posts have backed me up. As I've stated elsewhere, my phone's been hard-hacked via a USB cable. All due respect to you, this is an issue when someone is targeted with the right hardware. Don't believe, google "hacking android", here's one fast link... http://www.huffingtonpost.com/2012/07/25/android-hackers_n_1704341.html [huffingtonpost.com]
          • by admdrew (782761)

            The HuffPo link references the NFC 'hack' that refers to a device state that describes roughly 0% of Android phones in the field (ie, pre-Android 4.x with NFC enabled). Basically non-news in the world of phone exploits.

            While I certainly feel for you, I (as do many others here) truly believe this is a very specific situation in which a conclusion of hacking was jumped to far too quickly, and probably erroneously; the evidence is too anecdotal and not technical enough.

    • Indeed. My android phone has done this kind of crap since the day I got it. It's a feature.

    • Why don't you turn Bluetooth off until you need it? I am not convinced you are being 'hacked'.

      see above, or click this link, bluetooth does not have to be on to be accessed. Shocked me too. http://hassam.hubpages.com/hub/Types-Of-Bluetooth-Hacks-And-Its-Security-Issues [hubpages.com]

  • A few tips.... (Score:5, Informative)

    by abhi2012 (2739367) on Monday October 22, 2012 @12:23PM (#41729799) Homepage
    1. Put bluetooth in invisible mode unless you require somebody to find it. 2. Don't put the devices you add on auto send/receive. 3. Try putting an antivirus with a firewall. There are quite a few on the market. 4. Ask the network admin (of the WiFi at your home) to disallow listing of devices on the network. I suppose that should get you started.
    • 1. Put bluetooth in invisible mode unless you require somebody to find it. 2. Don't put the devices you add on auto send/receive. 3. Try putting an antivirus with a firewall. There are quite a few on the market. 4. Ask the network admin (of the WiFi at your home) to disallow listing of devices on the network. I suppose that should get you started.

      Thanks for the advice, wish I could. When it's hacked, I get an error on both Wifi and Bluetooth, though I know that there is nothing wrong with them. I recently factory reset the phone away from the home's wifi signal, activated via Virgin Mobile, and all features worked fine again. That lasted only a few days though...

  • by Anonymous Coward on Monday October 22, 2012 @12:23PM (#41729809)

    Turn the devices off.

  • Faraday (Score:5, Funny)

    by Antipater (2053064) on Monday October 22, 2012 @12:24PM (#41729817)
    Not Farraday. Damnit, timothy!
  • Some tips: (Score:5, Informative)

    by kiriath (2670145) on Monday October 22, 2012 @12:24PM (#41729821)

    Be wary of "any ol' bob's" android distro. Try to stay mainstream and stay up to date. If you're not using bluetooth, turn it off. If your vendor's version of Android isn't as secure as it could be complain with much loudness, if you don't get satisfaction switch vendors.

    Your Wifi issues seem to me to be related more to your AP than the devices themselves. Perhaps try a different AP/Router?

    I'm not sure how you could be sure a hack is causing a Wifi error. Even if it popped up and said "Hi! Your wifi is disabled because we're haxoring you" I'd be skeptical. You should try some of the mainstream android support forums with that and see what they say.

    Good luck!

    • by Radish03 (248960)
      Your Wifi issues seem to me to be related more to your AP than the devices themselves.

      I've had a similar wifi issue with my phone (Nexus S) maintaining a connection to a home network running one of those ISP provided all-in-one router/modems. The solution was to turn off "Avoid Poor Connections" in Settings > Wi-Fi> Advanced.
      • by kiriath (2670145)

        That seems logical... from the AP standpoint having a low signal device trying to get its share of time can drag down the performance of the rest of the connections to the AP. If your phone is the only or one of the only devices connecting then it wouldn't matter(as much). A lot of times the AP will continually kick low signal devices if the threshold is set even marginally strict, so that it doesn't have to degrade the connectivity of the faster connections.

        If you're on a low power device across the house

    • After the "forced bluetooth hack" happens, anything is possible to do to the phone. The routers at my place are not in my control, unfortunately. Until I can move to a secure place, I'm forced to learn a lot of new stuff. Really, thanks for your input.
  • Short-range attacks (Score:5, Informative)

    by Anonymous Coward on Monday October 22, 2012 @12:24PM (#41729823)

    If the vectors you're being "hacked" through are BlueTooth or WiFi, it would seem that they're both occurring from fairly close to your physical location. Maybe you should figure out which of your housemates is hacking your devices and take appropriate action.

  • You're blocked. (Score:4, Informative)

    by drakaan (688386) on Monday October 22, 2012 @12:25PM (#41729837) Homepage Journal

    Correlation is not causation.

    You assume that since you were hacked via bluetooth before at a particular place (maybe) that since your connection to an unsecured wifi hotspot (!!! seriously? you're *really* worried about getting hacked but you're connecting to an open wifi connection?) doesn't work, it must be because of hacking.

    Most routers have the ability to allow specific MAC addresses to connect, and to deny connections to MAC addresses not in that list. My guess is that's what's going on...hard to say, since you didn't mention whether you spoke to the person who pays for the internet connection associated with the previously-mentioned wireless access point.

    • Why is connecting to an open WiFi access point a security problem? The device should never trust the network.

    • by Dan East (318230)

      I wish I had mod points. Unless the submitter has direct evidence that he was hacked via Bluetooth (astoundingly, not just once, but twice on completely different devices that would require entirely different attack vectors / exploits), then I seriously doubt his device is being compromised in that way. I also find it very unlikely that WiFi was used to gain access to his device either.

      I question what kinds of apps, modifications, custom roms, etc, this person is using, or if anyone that has access to his

      • Too pat. I don't believe in coincidence anymore, not after all I've been through the last 3 years, more to my story than I'm letting on here. It's real. Caught on last year to a 'forced bluetooth attack' (google it, you'll learn as I had to) when my feature phone vibrated while hanging in a 'friends' garage. No text, no phone call, but something made it vibrate. (Someone was outside with a 'hacking device') My 'friend' played a little too dumb, and checking that phone later, I noticed a big slowdown i
  • Move? (Score:2, Insightful)

    by Anonymous Coward

    I know it may not be real practical but if your roomates or close neighbors are hacking you all the time this might not be a very good establishment? I wonder what their motives are and if they can be trusted outside the digital realm as well. I'm also skeptical as to whether or not you are really being hacked. These things aren't that easy. I don't see how any non root app is going to be able to solve security problems which appear to be a problem of the OS.

    • Thank you for your post. I have moved several times the last 12 months, can't keep doing it. Making my stand here. The same shit has happened to me for over a year now, I can't prevent it, .... (yet!).... Timothy and /. 's printing this story is helping me a whole hell of a lot, new things I haven't known about until today. :-)
  • Umm... (Score:2, Informative)

    by Anonymous Coward

    I think your problem is the "Open WiFi" in your house instead of your device. Maybe it's too overloaded to actually provide service with everyone using it.

    Ask your housemates to secure the wifi connection or don't use it.

  • by ebunga (95613) on Monday October 22, 2012 @12:29PM (#41729889) Homepage

    Why are you a target? If you are actually a victim here, and not some person suffering from paranoid delusions, what makes you worthy of the risk of a close range attack?

    • Why are you a target? If you are actually a victim here, and not some person suffering from paranoid delusions, what makes you worthy of the risk of a close range attack?

      I've explained elsewhere here, somebody who's very much a lady from my past still cares about me, I think. She would have the resources, if she so chose, to pay to 'monitor' me. As someone else posted, sounds like a bad novel, and I agree. Story of my life, lately...

  • hacked?! (Score:5, Insightful)

    by Anonymous Coward on Monday October 22, 2012 @12:30PM (#41729895)

    You aren't being hacked, the owner of the wifi in your house is fed up with you skanking his wifi and blocking you.
    How did this get posted?

  • Don't know if it's the best, but it's the one the WSJ recommended a year or so ago. Yet for the last few months a pretty bad bug, failure to update, has affected many users: http://community.webroot.com/t5/Webroot-Mobile-for-Android/Definition-Update-Failed/td-p/9404 [webroot.com] A fix is finally due this week, they say.

    The problem is that many phones have very little volatile memory available. On my phone, apps like Facebook and Youtube and Twitter and Poynt cannot be deleted, nor the detested music content app of my

  • Is this a joke? (Score:5, Insightful)

    by DigitAl56K (805623) on Monday October 22, 2012 @12:36PM (#41729973)

    So you have two devices having problems connecting to your home access point, and you assume you need protection for your android devices? It sounds more like you need to fix a problem with your access point, in that it's stopped accepting connections. Maybe it's exhausted DHCP assignments for your devices, or your MAC addresses are being blocked - maybe because someone was trying to spoof them, maybe because of a bug in the access point.

    Going from "my devices are having problems connecting to my access point at home only" to "help, hackers are attacking my android devices" is a bit of a stretch, isn't it?

    And more of a stretch is how this got front page...

  • Para-droid? (Score:3, Insightful)

    by WoodburyMan (1288090) on Monday October 22, 2012 @12:39PM (#41730015)
    Okay so you are paranoid about someone attacking your device via Bluetooth, yet you're connection is a unsecured unencrypted WiFi network. Also if you believe someone is coming in via Bluetooth, then it's limited range, and someone in your home is doing it. Time to file criminal charges or move. This might be legit. However this strongly reminds me of a client we had to deal with that we had to finally tell to stop calling us, as he believed "hackers" were out to get him, and installed a virus in his phone line. As in the wire. Despite hours and hours of patiently explaining how it was impossible, and local phone company replacing and checking for wire taps according to him. He believed it because a person would always join the AOL Chat room he was in and tell him his phone conversations he just had. This was in dial up days. Within the last year, the same guy stopped in. (Only I recognized him as others who were working for our business at the time have all left). He claimed hackers kept installing viruses on his smart phone and he wiped it and they kept coming back.
  • I apologize for not being familiar with the current market of android security apps, and though that may be a good thing to have, I'm rather doubtful it's your current issue.

    It seems you are concluding that you have been hacked because you can't connect to one home network that someone else administers, but are fine on other networks. It's probably the network, not your phone.

    Some probably causes:
    The admin changed the security protocol to one your devices don't support. (I see that with nintendo 3ds gameboy
  • is clearly the only option.

    Sadly that will prbbaly seem reasonable considering your display of logic and reason so far.

  • by blind biker (1066130) on Monday October 22, 2012 @01:12PM (#41730465) Journal

    ...that SternisheFan is not being "hacked". I do get the impression that he's somewhat clueless, though, and could benefit from the wisdom of the /. community.

    For one thing: do not keep BT on all the time - that's going to sap a bit of energy from your battery. Not terribly much, but since it's also a potential safety risk, there is absolutely no need to have Bluetooth on unless you need it.

    It's when the wi-fi situation was mentioned, that I realized the poster is clueless.

  • Dos and don'ts (Score:4, Informative)

    by tero (39203) on Monday October 22, 2012 @01:15PM (#41730519)

    Doesn't sound like you're hacked really.
    But generally:

    don't: ..run old versions of android (upgrade your devices - upgrade hardware if you can't run latest software) ..install apps from non-appstore sources, be vary of malicious appstore apps as well (read reviews, do research before install, generally avoid "freebie" versions of paid software). ..surf on strange pages, click strange links or scan QR-codes ..have bluetooth/wifi/nfc on when not needed ..connect to unsecure free wi-fi, ever. ..don't use public USB loading stations (airports, malls etc). ..have sensible information on your phone/tablet.

    do ..use encrypted device / sd-card ..use passphrase to lock the device screen ..use remote wipe/anti-theft service (most AV-vendors offer this) ..keep backups ..consider using a VPN service for those moments you can't avoid connecting to unsecure wi-fi.

    That's it for starters.

  • Sounds like you have an issue with your WiFi. Try using a different channel and if that doesn't work a new WiFi router. There is a nice WiFi analyzer program that you can get free from Google play. Use it to find a free channel. The clue that I'm looking at is the "Bluetooth is being hacked" and "WiFi doesn't work in my apartment". Both of these use the 2.4 GHz band and you could simply be a victim of too many RF devices in a small area raising the noise floor to a level too high for your phone to work.
  • " How Can I Protect My Android Devices From Hackers?"

    Simple, don't turn them on.

  • Turn off cellular data and turn off Wifi. Also, don't install any apps. Those steps will prevent hackers from getting control of an Android.
  • 1). Turn off things you do not use, NFC, Bluetooth and wifi
    2). Take caution when jailbreaking your phone, this exposes additional security vectors which require additional lock down steps.
    3). Install applications only from the Play Store and read reviews before installing.
    4). If your provider does not update your phone's software, you should do this manually via releases provided by manufacturers websites.

    AFAIK that's pretty much it.
  • I had an old Froyo phone for a while. Even on that old OS, you could only set Bluetooth to "discoverable" mode for 120 seconds, after which it would turn off automatically. Setting TV show exploits aside... don't the BT attacks (bluesnarfing, bluejacking) require your phone to be in discoverable mode?

  • OP mentions "hacking" a lot, but doesn't provide any concrete examples of it besides suspicion. It's ok to not be very computer literate (I care less), but to think everytime there's an error = hacker is kinda dumb. You're probably getting an error on your wi-fi network (is it yours? public? neighbors?) due to misconfigured settings, those tend to throw errors. How do you know your bluetooth is being brute forced? Are there changes on your device you haven't made? Anyways I feel I'm throwing words to t

  • by LodCrappo (705968) on Monday October 22, 2012 @05:16PM (#41733705) Homepage

    WTF.

    The OP obviously is not "hacked". That doesn't make the first bit of sense. Even if the problem wasn't presenting on *two different devices*, why in god's name would any 'hacker' disable your WIFI (and only at your own home). What is the possible motivation for this imaginary criminal mastermind who has invested their time in ruining your WIFI when you are at home? Is he perhaps funded by The Others in a plot to steal your mind waves???

    Or maybe... just maybe... (and I know, I'm reaching here)... YOUR ACCESS POINT IS BROKEN, OR HAS BEEN CONFIGURED TO BLOCK THESE DEVICES??? It's just a theory based on the fact that two different devices work fine with every other access point, but not this one. Wild, I know.

    How did the editors not notice that this is complete ignorant crap?

    PS
    the entire question is retarded.

    thank you

  • by dgharmon (2564621) on Monday October 22, 2012 @08:33PM (#41735701) Homepage
    Stop using these defective and unlicensed products and immediatly move to a Windows Phone ...

    Insert Innovation Here [postimage.org] :o

Help stamp out Mickey-Mouse computer interfaces -- Menus are for Restaurants!

Working...