In today's digital age, smartphones have become an indispensable part of life. For Android users, especially in China, privacy and security issues are receiving increasing attention. Due to the openness of the Android system and China's unique internet environment, ordinary users face more challenges regarding their privacy and security. So, how can ordinary Chinese users protect their privacy on their Android phones in daily life? Here are some practical suggestions.
Reliable phone brands and ROMs are the most fundamental security guarantee#
Try to choose reputable phone brands, especially those that prioritize privacy and security. Some conscientious brands adhere to the principle of "do no evil," and their products can strive to ensure privacy security. When purchasing a phone, you can choose brands with a good record of privacy protection, such as Google's Pixel, Samsung, etc.
Flashing and installing third-party ROMs is an important step in ensuring privacy security. Some domestic phones come with built-in modules and software that are detrimental to privacy security; flashing and installing third-party ROMs can help avoid these software from stealing your privacy.
Priority suggestions:
Pixel > Samsung > Xiaomi/Meizu > Oppo/Vivo > Huawei
Application permission management#
Many Android applications request a large number of permissions upon installation, such as access to contacts, location, camera, microphone, etc., but not every application needs these permissions. Therefore, users should review the permissions requested by each application and deny unnecessary permissions during installation.
In the settings, you can enter "Application Permission Management" to view and adjust the permissions of installed applications, regularly check permission status, and avoid applications gaining excessive access rights. You can also manage permissions by granting "Permission Dog" or other permission management software access through root or adb.
Important permission list (may vary by phone):
- Read installed application information (not recommended to authorize)
- Location permission (do not authorize unless necessary; if necessary, set to allow in the foreground)
- Read location from media (not recommended to authorize)
- Read storage permission (do not authorize unless necessary; if necessary, set to allow in the foreground)
- Read SMS, read call logs, read contacts (not recommended to authorize)
- Read clipboard content (not recommended to authorize; input methods can be authorized, and some text viewing and editing software can be set to allow in the foreground)
- Read calendar (not recommended to authorize for non-calendar applications)
- Read phone number, read device ID, read phone status (not recommended to authorize)
- Camera, recording (do not authorize unless necessary; if necessary, set to allow in the foreground)
- Get account, get usage (not recommended to authorize)
Use secure app stores to avoid installing unsafe software#
To ensure that applications on your phone are safe and reliable, and to avoid downloading software that contains malicious code or poses privacy risks, it is recommended to always download applications from trusted app stores. In China, although the Google Play Store may not be fully available, users can rely on other mainstream secure app stores, such as Coolapk, App Treasure, etc.
Applications downloaded from these app stores undergo security reviews, effectively reducing the risk of malware and unsafe applications. At the same time, avoid installing APK files from third-party websites or unknown download platforms, as these sources may have malicious code implanted that can steal your personal data or control your device.
If you must install applications from unknown sources, it is recommended to immediately run your phone's security scanning tool after installation to thoroughly check the application for security vulnerabilities.
Application security priority:
Offline applications >> Online applications
Open-source software > Non-open-source software
Foreign major software >>> Domestic major software
Online account security and social media safety#
In the internet age, protecting online account security and social media safety is crucial for personal privacy.
When registering accounts, foreign online platform accounts can be registered using email; it is recommended to use secure email services like Gmail (strongly recommended), Outlook, etc., and not to use Chinese email services. For temporary accounts, you can use temporary email (Temp mail) for registration. For domestic online platforms in China, it is not recommended to apply for an online ID (Internet certificate, Internet number); generally, use a +86 mobile number for registration, and do not perform real-name verification unless necessary (live streaming, etc. are considered necessary situations). After registering an account, do not link accounts across different platforms and ensure proper privacy settings within the online platforms. It is recommended to use different personal information (nickname, avatar, etc.) across different platforms and not to transfer content from domestic personal accounts to foreign accounts.
Using strong passwords can enhance account security. Avoid using simple passwords or common password combinations (like "123456" or "password"). It is recommended to use complex passwords that include uppercase and lowercase letters, numbers, and symbols. Additionally, regularly change passwords and do not reuse the same password across multiple accounts. You can use a password generator to create strong passwords and a reliable password manager to store them.
Be wary of phishing attacks: Do not click on links from unknown sources or open suspicious emails and messages, as these may be disguises for phishing attacks aimed at obtaining your account password. When visiting important websites, always manually enter the URL and avoid logging in through unknown third-party links.
Regularly check account activity: Log into each important account regularly to check for suspicious login records or unusual activity. If any anomalies are found, immediately change the password and check for unknown devices linked to the account.
Handle social media information with caution: On social media, try to minimize the public sharing of personal information, such as real names, addresses, phone numbers, etc. Check and adjust the privacy settings of social platforms to ensure that your personal information is only visible to trusted friends, preventing tracking or exploitation by strangers.
Input method security#
The input method is one of the most frequently used tools on our phones, but it can also become a channel for privacy leaks. Since input methods can record all the information you type, including account numbers, passwords, credit card numbers, and other sensitive content, choosing a secure input method is very important.
Choose a trusted input method: Avoid using input methods from unknown sources or those with low recognition. It is recommended to use input method applications developed by major companies with good privacy protection records, such as Google Input Method, Microsoft Input Method, etc. Domestic input methods often have significant privacy security vulnerabilities, so please use them cautiously.
Disable cloud synchronization and data uploads: Many input method applications offer cloud synchronization features that upload users' typing habits, dictionaries, and even some input content to servers for storage and analysis. To protect privacy, it is recommended to disable cloud synchronization features to prevent input data from being uploaded. You can find and disable "cloud input," "personalized recommendations," and other features in the input method settings.
Regularly clear input method cache: Input methods build personalized dictionaries based on user input, and over time, they may accumulate a large amount of sensitive information related to the user. Regularly clearing the cache and dictionary of the input method ensures that sensitive information does not remain stored locally or in the cloud for too long.
Use a dedicated password keyboard: When entering account passwords or sensitive information, try to use the "secure keyboard" or "password keyboard" mode in the input method, as these modes typically do not collect or store your input data, effectively preventing password leaks.
Pay attention to input method permissions: Input method applications usually request multiple permissions, including reading contacts, accessing the internet, etc. When installing an input method, it is recommended to carefully check and limit their permissions, allowing only necessary permissions and denying unnecessary network access and reading device information.
Use VPNs to protect online privacy#
China's internet environment has certain restrictions, but users can use Virtual Private Networks (VPNs) to protect their online privacy. By encrypting network traffic, VPNs can effectively prevent data from being monitored or stolen by third parties. At the same time, use well-known VPN service providers to ensure that user online activity information is not leaked.
Please choose and use VPNs cautiously
Avoid connecting to untrusted Wi-Fi#
Public Wi-Fi networks often lack encryption protection, making it easy for attackers to obtain sensitive data transmitted by users over these networks. Try to avoid connecting to untrusted public Wi-Fi networks, especially when shopping, banking, or entering sensitive information. If you must use a public network, be sure to connect through a VPN for encryption.
Set strong passwords and biometric recognition#
Phone passwords, fingerprint recognition, or facial recognition can effectively prevent unauthorized access. Ensure that your phone is set with a strong password and does not use overly simple password combinations like "123456" or "0000." At the same time, enable biometric recognition features, such as fingerprint or facial unlock, to further enhance device security.
Regularly back up and encrypt sensitive data#
Regularly back up data on your phone and encrypt important files and data. You can use cloud storage services like Google Drive, OneDrive, etc., and enable two-factor authentication and encryption measures to ensure that even if the device is lost, data will not easily fall into the hands of others. Also, remember to delete built-in privacy information from files (e.g., EXIF information from images).
Conclusion#
I hope every Android user can use their devices safely and freely in the digital world, protecting their personal information from being infringed upon.
(This article was assisted by ChatGPT)