Tuesday, July 30, 2013

How to Browse Securely on Your Android

If you are not aware of the risks of accessing your online accounts, like email or Facebook, when connecting to your local coffee shop open Wi-Fi, well here are some news... You definitely should! Any open Wi-Fi (the ones that don’t require password) are dangerous as they allow other people connected to the same Wi-Fi to “eavesdrop” on your connection. They can see what sites you are accessing, and sometimes even hijack your session and login to your account (yes, login to your Facebook as if they were you). PC World has a great article on how easy this can be done.
Here's what an eavesdropper sees when you use an unsecured Wi-Fi hotspot
Securing your browsing is not that difficult and it’s something that can be done even by the non technical user, however it usually requires that your Android phone is rooted (which is really just obtaining administrator access to your phone). I will provide some options, however I’m not going into details on how to configure them. There are plenty of tutorials online for that.


=> Using a proxy server with ProxyDroid

https://play.google.com/store/apps/details?id=org.proxydroid

ProxyDroid will connect to a proxy server (Wikipedia) somewhere on the Internet and send all your connection (traffic) trough that server. It’s somewhat similar to using a broker to buy insurance (the picture below, from Wikipedia, will give you a better idea).


You can find free proxy servers and accounts here - http://free.billproxy.com/


=> Using tor with Orbot


https://play.google.com/store/apps/details?id=org.torproject.android

Tor (Wikipedia) is a technology that allows you to connect to other computers so you can browse anonymously. This is something that a lot of hackers use to stay anonymous, and of course it’s also a great way to protect your data while browsing.



=> Using OpenVPN


https://play.google.com/store/apps/details?id=de.blinkt.openvpn

OpenVPN is a open source VPN (Wikipedia) software that works with multi-platform (Linux, Windows, Android, routers, etc...). It’s similar to a proxy server, however you connect to your computer at home so you can browse safely from there.



I have posted instructions previously on how to configure OpenVPN with Android and a DD-WRT router - How To Configure OpenVPN between DD-WRT, Ubuntu and Android


2 comments:

Bob Jonkman said...

Using proxies or VPNs does not secure your session from eavesdropping once the traffic leaves the proxy or VPN. You need to have end-to-end encryption to ensure that your traffic is secure from your device to the destination, ie. SSL or https

But proxies and VPNs will obscure your destination from your ISP or WiFi access point, and can circumvent blocked sites or unsupported protocols (like ssh or IRC).

--Bob.

Victor said...

@Bob,

That is correct. But remember that this post is directed to Android users connecting to open Wi-Fi to access emails and social sites. The additional security that you have mentioned is out of scope.

Plus, ssl by itself on an open Wi-Fi is not fail proof. Someone can easily fake the access point and direct you to a fake site without ssl. Average users would not know what hit them.