This is the last part of the Essential FOSS app pick series which will highlight the best security apps available in the F-Droid app store (most are in the Play Store too), all apps in F-Droid are licensed under Free Software licences such as the GPL and Apache licenses.
Getting started with F-Droid can be a little difficult after migrating from Google’s Play Store, many of the apps, proprietary, are not available for download in F-Droid which only supplies open source apps. Many apps people download from the Play Store are also recommended to people by word of mouth, as F-Droid usage is quite fringe so finding good apps could prove a more difficult task, hopefully this app round up series will get you over this hurdle.
In addition to these applications it is highly recommended that you ENCRYPT your device with a very strong password, this will prevent local access to your device.
NOTE: Some of the applications mentioned here require root access!
5 – KeePassDroid
I found KeePassDroid whilst looking for a free software alternative to LastPass. Unlike LastPass this app doesn’t connect to any servers, instead it hold your data in a locally stored encrypted database which you can move from machine to machine. KeePass is available on desktop platforms as well as mobile which is an advantage of LastPass which requires you to pay a subscription fee to use its mobile application.
It’s functionality is similar to that of LastPass, including randomly generating passwords. We’re constantly being reminded that we should be using alternative passwords for different sites, KeePassDroid is perfect for this task, just be careful to make backups of your database of credentials.
APK available here.
4 – Android IMSI-Catcher Detector (AIMSICD) (Available on a range of app store, just not Google Play)
If you still use your phone for calls and SMS then AIMSICD will help you stay more secure. The following excerpt is from the project’s gun.io page and it sums up the app nicely: “Our App, the Android IMSI-Catcher Detector (short: AIMSICD), enables the user to detect and avoid fake base-stations (IMSI-Catchers) or other base-stations (mobile antennas) with poor/no encryption. Our goal is to warn users if the encryption is turned off on their phones, or if they’ve been tracked via Silent/Stealth SMS. The app also enables several other protection mechanisms. This is especially important for people who „have to“ take their smartphones to demonstrations (the phone should better stay at home) or live in countries with repressive governments.”
I’d say this app is essential for anyone with a SIM card in their device however if you have publicly known political views outside of the mainstream or attend protests as it mentions above I would then recommend you to leave your phone at home unless this is installed first.
For those of us who have their SIM cards removed from their phones just toggle aeroplane mode to ON and then enable other wireless functionality such as wifi and bluetooth manually, then there is no need for this app.
APK available here.
3 – Wi-Fi Privacy Police
Wi-Fi Privacy Police is a fairly new app that I have encountered on F-Droid and I’ve found it fairly useful as a backup measure if I ever forget to disable wifi while outdoors I turned my wifi off because Android sends out data regarding which networks you’ve joined in the past and anyone with the right setup could pinpoint where you’ve connected to wifi. The great thing this about this app is the by default it will prevent the names of your previous connections being leaked out. In addition “If your smartphone encounters an unknown access point with a known name (for example, a malicious access point pretending to be your home network), it asks whether you trust this access point before connecting. This makes sure that other people are not able to steal your data.”
I regularly disable wifi before I leave the house to prevent data leaking from my phone and to retain as much battery life as possible, however I do often forget to disable wifi and usually kick myself over this, however with this app installed there is no need to worry about data leaking out.
APK available here.
2 – AFWall+
Installing AFWall+ is the first thing I do on any new Android install. When you first install this app you should go to the settings and enable ‘Show notification icon’ to ensure the app is switched on by glancing at the notification bar. Another setting to tweak on install is the mode, above the check boxes in the image above it says ‘Mode: White List (allow selected)’, by default it may be set to black list, you should definitely change this to white list mode so that newly installed apps need express permission to get connected to the internet.
Some of the apps in the list which need enabling include: VPN Networking, any inbuilt updater for your ROM, Media Server, Downloads, CaptivePortalLogin and NTP Internet time servers. Otherwise be really strict about which apps get a connection to the internet, I haven’t even given AFWall+ permission to connect to the net. Once all this is done press the menu button, enable the firewall and hit apply, you should always press the apply button when you go to allow apps internet access in future too. If you’ve followed the setup process up until now, every app you install will be followed by a notification (blue icon) from AFWall+ asking if you want to allow the app to connect to the internet. From the picture above you can see three rows of check boxes, the third row is whether you want apps to work on 3G, I do not use 3G therefore I’ve left all the apps unticked.
APK available here.
1 – OpenKeychain
Last up is OpenKeychain, this app works in conjunction with K-9 Mail to encrypt emails and on its own to encrypt files. This app will guide you through the process of setting up new encryption keys as well as offering you the choice to import your existing keys. Whilst setting up your keys you have the option for them to be automatically uploaded to a key server. Searching and adding contact from keyservers is dead easy, just hit the search button at the top (magnifier and cloud icon) and search a contacts name, email or other identifying piece of information. Sliding out the menu from the left will give you a bunch of other options, they include encrypting and decrypting files and texts, viewing all the keys stored and looking at the apps OpenKeychain is plugged into.
Even if you have no intentions of using this app for encrypting emails (because you can’t get anyone else to) it is still very useful for encrypting sensitive data. This app can only decrypt emails and data encrypted to your public key if you have the secret key, if you uninstall the app without backing up the secret key you will lose the ability to decrypt your data, the app allows you to export your public (contains all your contacts too) and private keys, keep them safe!
If you are done using your keys that have been uploaded to the keyserver already just click on your key, then press edit then click each of the keys listed there and revoke them, when this is done go and upload the keys back to the server so other can see that they’ve been revoked. In my opinion this is not an ideal way to revoke keys so it’s best to figure out how to create a revocation key on your computer so that if your phone gets erased or lost you can remotely revoke the keys, there are tutorials online for setting this up.
APK available here.
Before you leave please share and comment on this article below. If you want to help fund this site so we can upgrade it and buy a domain name then please send some bitcoins to the below address, in addition we’re now on Google+, connect to get upcoming news!