PDA

View Full Version : Are there any security worries if I use a Nethunter phone and a daily driver?



C1M7
2015-06-13, 20:58
So I'm thinking about switching from my iPhone 6 plus to a Nexus 6 solely to be able to run Nethunter on the go. I would get a Oneplus One but I have Sprint and they don't have a CDMA version. :( My question though is, how secure is an android phone as a daily driver if I install Nethunter on it or does it lessen any security? I know noting is ever going to be 100% secure but I feel comfortable on my iPhone checking my bank, PayPal, and any other sensitive data. I know that android is a secure platform and that you obviously have to use safe security practices and common sense but does installing Nethunter compromise security at all? I am seriously considering making the move but I don't want to give up the comfort of making a paypal transactions in my browser, ect. I am not taking about any MITM or wifi based attacks, I'm just talking about general security of the device dat to day.

A little background:

I've been involved in many aspects of computer security for quite and while. I have a had nexus 7 with Nethunter since day 1 and I've been using Kali for years. I have had android phones in the past so this won't be a drastic change for me but this is the only issue/concern that I have with making the switch.

How many of you use a Nethunter phone as a daily driver and access sensitive information?

binkybear
2015-06-16, 01:46
Hey C1M7,

You took off a bit before I could answer you so here it goes.

As far as being concerned about security, the compromise is selinux and having root. That will decrease the security of the device. Although, if you are on Kitkat you don't have selinux enabled anyways. By default, Nethunter does not start any services at startup so you won't be any more of a target than any other phone/device. That being said, you have a lot of options to run a lot of services and running those services (and not turning them off) can leave you vulnerable to attack.

There are more "manual" options such as using Multirom. That would allow you to keep a regular phone and then switch over to a different ROM with Nethunter on it. It's a little more work and you can't use the Windows installer for this method.

tldr; It won't make your phone more insecure but make sure you know what's running.