20241223

- Updated Payments page since MySudo Pay is now on Android - Updated Mobile Settings to Android 15 - Moved Android above iOS cause alphabetical order
tnonate · Dec 23, 2024 · 3cc38ca · 3cc38ca
1 parent 2d012c2
commit 3cc38ca
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 44 deletions.
diff --git a/src/assets/data/pages/en/guides/moderately-important/Payments.json b/src/assets/data/pages/en/guides/moderately-important/Payments.json
@@ -22,7 +22,7 @@
       }
     },
     "mysudo": {
-      "name": "MySudo (iOS Only)",
+      "name": "MySudo",
       "logo": "/images/logos/mysudo.png",
       "link": "https://mysudo.com/features/",
       "values": {

diff --git a/src/pages/en/guides/most-important/mobile-settings.mdx b/src/pages/en/guides/most-important/mobile-settings.mdx
@@ -10,9 +10,60 @@ draft: false
 
 **Please note** that your [threat model](/guides/prologue/threat-model/), life circumstances, and personal safety are top priority. These recommendedations are a general "one-size-fits-most" solution to mass data collection. Your situation may require enabling or disabling settings, features, and apps contrary to what we recommend to ensure your own safety or that of your loved ones. Always prioritize your safety and consider what your threat model requires. See my criteria for this page [here](/criteria#mobile-settings--apps).
 
+## Android 15
+
+**_NOTE:_** _Due to the nature of Android devices, the exact layout of the menu may vary from device to device. These settings assume that you have not signed into your Google account on the device (see the notes at the end of this section)._
+
+- Network & internet > Internet > Carrier settings > Allow 2G: Disabled
+- Network & internet > Internet > Carrier settings > Allow only encrypted networks: Enabled
+- Network & internet > Internet > Network preferences > Allow WEP networks: Disabled
+- Network & internet > Internet > Saved Networks: Remove old networks you no longer use
+- Network & internet > Private DNS > Private DNS provider hostname: Any provider from [this list](https://www.privacyguides.org/en/dns/) (You can ignore this if you plan to use a [VPN](/guides/less-important/vpns) on your device)
+- Connected devices > Connection preferences > Bluetooth: Disabled when not in use
+- Connected devices > Connection preferences > Printing > Default Print Service > Use Print Service: Disabled when not in use
+- Connected devices > Connection preferences > Quick Share: Off when not in use
+- Apps > All apps: Uninstall or disable any apps you don't use
+- Apps > Default apps: See [Securing Mobile: Replacement Apps](/guides/most-important/mobile-apps)
+- Notifications > App notifications > Disable entirely on any apps you don't need realtime notifications from (notifications can be used to [invade your privacy](https://www.wired.com/story/apple-google-push-notification-surveillance/))
+- Notifications > Notification history: Disabled
+- Notifications > Notifications on lock screen: "Don't show any notifications"
+- Notifications > Enhanced notifications: Disabled
+- Display & touch > Lock screen > Privacy: Don't show notifications at all
+- Display & touch > Lock screen > Now Playing: Disabled
+- Display & touch > Screen timeout: Shortest duration you are comfortable with
+- Display & touch > Screen saver: No photos that reveal something about you (such as family photos)
+- Wallpaper & style: Set your lock screen to something generic and non-personal (no family photos, etc)
+- Accessibility > Text-to-speech output > Preferred engine settings > Anonymous usage reports: Off
+- Security & Privacy: > Device Unlock > Screen lock: [Strong password](/guides/most-important/passwords) preferred, followed by PIN, then Pattern.
+- Security & privacy > Device Unlock > Screen lock settings > Enhanced PIN privacy: Enabled
+- Security & privacy > Device Unlock > Screen lock settings > Lock after screen timeout: Shortest duration you are comfortable with
+- Security & privacy > Device Unlock > Face & Fingerptint Unlock: Finerprint acceptable coupled with a strong password or PIN
+- Security & privacy > Device unlock > Theft protection > Theft Detection Lock: Enabled
+- Security & privacy > Device unlock > Theft protection > Offline Device Lock: Enabled
+- Security & privacy > Privacy controls > Permission manager: Check each app for any unncessary permissions and revoke them.
+- Security & privacy > Privacy controls > Ads: Delete advertising IDs
+- Security & privacy > Privacy controls > Data sharing updates for location: Review apps
+- Security & privacy > Privacy controls > Location access: Review apps
+- Security & privacy > Privacy controls > Activity controls: Review settings
+- Security & privacy > Privacy controls > More security & privacy > Personalize using app data: Disabled
+- Security & privacy > Privacy controls > More security & privacy > Android System Intelligence > Customize the experience using your Google Account data: Disabled
+- Security & privacy > Privacy controls > More security & privacy > Android System Intelligence: Clear data
+- Security & privacy > Privacy controls > More security & privacy > Usage & Diagnostics > Usage & diagnostics: Disable
+- Security & privacy > Privacy controls > More security & privacy > SIM lock: Enable (contact your provider for the SIM PIN)
+- Security & privacy > Privacy controls > More security & privacy > Encryption & credentials: Clear credentials
+- Location: Disable if you don't use it, otherwise review apps and disable permissions accordingly
+- Location > Location services: Disable all (emergency services will still be able to pull the information regardless if you call them)
+- Passwords, passkeys, & accounts: Empty all saved passwords, use a [password manager](/guides/most-important/passwords) instead
+- Google > All services > Search, Assistant, & Voice > Privacy & Safety > Search customization: Disable
+- Google > All services > Search, Assistant, & Voice > Privacy & Safety > Other settings > Discover: Disable
+- Google > All services > Quick Share > Who can share with you: Off, Your devices, or Contacts
+- Google > All services > Personalize using shared data: Disable all
+- **_Note:_** _It is possible to use an Android device without ever signing into a Google account for added privacy. This must be done during device setup. You can use [F-Droid](https://f-droid.org/) (or another client such as F-Droid Basic) to procure many [open source](/guides/prologue/open-source) apps, and [Aurora Store](https://auroraoss.com) as a proxy for the Play Store for anything else you can't get on F-Droid. Note that with Aurora you will not be able to use Google to process app-related payments such as subscriptions or one-time payments to download the app._
+- **_Note:_** _Android in particular is capable of a number of powerful, privacy- and security-enhancing strategies that iOS is not, such as the aforementioned "no account required," alternative app stores, sideloading, user profiles, and much more. Some of these are advanced techniques, but not all, though many of them fall outside the scope of this site. For those using or considering an Android device, I strongly encourage you to check out Privacy Guide's [Android page](https://www.privacyguides.org/en/android/) to get an idea of some of the things your phone is capable of._
+
 ## iOS 18
 
-- Apple Account (Your name at the top of the settings) > Sign-In & Security > Two-Factor Authentication: On (Security Keys recommended if you plan to use iCloud or other Apple products tied to your Apple account)
+- Apple Account (Your name at the top of the settings) > Sign-In & Security > Two-Factor Authentication > Security Keys: Set Up (if you plan to use iCloud or other Apple products tied to your Apple account
 - Apple Account > iCloud > Saved to iCloud: Disable everything (Be sure to delete the data from iCloud first) (_Note:_ if you are interested in using iCloud, see [here](/guides/moderately-important/backups/#iclouds-advanced-data-protection-program))
 - Apple Account > iCloud > iCloud Backup: Off (See my backup recommendations [here](/guides/moderately-important/backups/))
 - Apple Account > iCloud > Advanced Data Protection: See [here](/guides/moderately-important/backups/#iclouds-advanced-data-protection-program)
@@ -25,9 +76,10 @@ draft: false
 - Wi-Fi > Edit (top right corner) > Remove networks you no longer regularly connect to
 - Wi-Fi > [Your network] > Private Wi-Fi Address: Rotating
 - Wi-Fi > [Your network] > Limit IP Address Tracking: On
+- Wi-Fi > [Your network] > Configure DNS: Any provider from [this list](https://www.privacyguides.org/en/dns/) (You can ignore this if you plan to use a [VPN](/guides/less-important/vpns) on your device)
 - Wi-Fi > Wi-Fi should be disabled when you are not actively connected to a network.
 - Wi-Fi > Auto-Join Hotspot: Never
-- Bluetooth: Off unless needed.
+- Bluetooth: Off unless needed
 - Cellular > SIM PIN > Create a custom [PIN](https://support.apple.com/en-us/HT201529)
 - Cellular: Disable Cellular Data for any apps you don't need 24/7 access to.
 - Cellular: Wi-Fi Assist: Off
@@ -83,45 +135,5 @@ draft: false
 - Screen time > Content & Privacy Restrictions: Enable
 - Screen Time > Content & Privacy Restrictions > Allowed Apps: Disable everything you do not intend to use.
 - Screen Time > Content & Privacy Restrictions > Privacy & Allowed Changes: Set all to "Don't Allow Changes." This will prevent changes from being made on your behalf next time you update.
-- Any settings not covered are personal preference and are unlikely to cause any privacy or security issues no matter how you set them.
-
-## Android 14
-
-**_NOTE:_** _Due to the nature of Android devices, the exact layout of the menu may vary from device to device._
-
-- Network & Internet: Internet: Carrier settings: Allow 2G: Disabled
-- Network & Internet: Internet: Carrier settings: Require encryption: Enabled
-- Network & Internet: Internet: Saved Networks: Remove old networks you no longer use
-- Network & internet: Private DNS: Private DNS provider hostname: Automatic **or** Any provider from [this list](https://www.privacyguides.org/en/dns/) (You can ignore this if you plan to use a [VPN](/guides/less-important/vpns) on your device)
-- Connected devices: Connection preferences: Bluetooth: Disabled when not in use
-- Connected devices: Connection preferences: Printing: Default Print Service: Use Print Service: Disabled when not in use
-- Connected devices: Connection preferences: Quick Share: Off when not in use
-- Apps: All apps: Uninstall or disable any apps you don't use
-- Apps: Default apps: See [Securing Mobile: Replacement Apps](/guides/most-important/mobile-apps)
-- Notifications: Notification history: Disabled
-- Notifications: Device & app notifications: Review settings
-- Notifications: Notifications on lock screen: "Don't show any notifications"
-- Notifications: Enhanced notifications: Disabled
-- Display: Lock screen: Privacy: Don't show notifications at all
-- Display: Screen timeout: Shortest duration you are comfortable with
-- Wallpaper & style: Set your lock screen to something generic and non-personal (no family photos, etc)
-- Accessibility: Text-to-speech output: Preferred engine settings: Anonymous usage reports: Off
-- Security & Privacy: Device Unlock: Screen lock: [Strong password](/guides/most-important/passwords) preferred, followed by PIN, then Pattern.
-- Security & Privacy: Device Unlock: Screen lock settings: Enhanced PIN privacy: Enabled
-- Security & Privacy: Device Unlock: Screen lock settings: Lock after screen timeout: Shortest duration you are comfortable with
-- Security & Privacy: Device Unlock: Face & Fingerptint Unlock: Acceptable coupled with a strong password or PIN
-- Security & Privacy: Privacy: Permission manager: Check each app for any unncessary permissions and revoke them.
-- Security: More security & privacy: Usage & diagnostics: Disabled
-- Security: More security & privacy: Extend Unlock: Disabled
-- Security: More security & privacy: Device admin apps: Find my device: Enabled (only if you enable "Find My Device" in the "Securty & Privacy" settings)
-- Security: More security settings: SIM lock: Enable (contact your provider for the SIM PIN)
-- Security: More security settings: Encryption & credentials: Clear credentials (this may be a good idea if this is not a new phone)
-- Location: Disable if you don't use it, otherwise review apps and disable permissions accordingly
-- Location: Location services: Disable all (emergency services will still be able to pull the information regardless if you call them)
-- Passwords & accounts: Empty all saved passwords, use a [password manager](/guides/most-important/passwords) instead
-- Google: Disable everything (exception: enable "Opt out of Ads Personalization")
-- Any settings not covered are personal preference and are unlikely to cause any privacy or security issues no matter how you set them.
-- **_Note:_** _it is possible to use an Android device without ever signing into a Google account for added privacy. This must be done during device setup. You can use [F-Droid](https://f-droid.org/) (or another client such as F-Droid Basic) to procure many [open source](/guides/prologue/open-source) apps, and [Aurora Store](https://auroraoss.com) as a proxy for the Play Store for anything else you can't get on F-Droid. Note that with Aurora you will not be able to use Google to process app-related payments such as subscriptions or one-time payments to download the app. In these cases, it should be possible to sign into the Play Store exclusively without signing into Google on the entire device._
-- **_Note:_** _Android in particular is capable of a number of powerful, privacy- and security-enhancing strategies that iOS is not, such as the aforementioned "no account required," alternative app stores, sideloading, user profiles, and much more. Some of these are advanced techniques, but not all, though many of them fall outside the scope of this site. For those using or considering an Android device, I strongly encourage you to check out Privacy Guide's [Android page](https://www.privacyguides.org/en/android/) to get an idea of some of the things your phone is capable of._
 
-By enabling all of these settings, you are significantly reducing the amount of tracking and data collection these devices perform, but keep in mind that you are not completely eliminating it.
+By adjusting these settings, you are significantly reducing the amount of tracking and data collection these devices perform, but keep in mind that you are not completely eliminating it.