Galaxy Nexus 7 Android 4.1 security hints and tips

The Galaxy Nexus 7 is Google’s answer to the Amazon Kindle Fire. I’ve been using this TAB since receiving one at Google I/O back in June. Since then, I’ve been really impressed with the ‘buttery’ Jelly Bean (it’s running the latest version 4.1.1), browser rendering, battery performance and gaming power. So what about Android Jelly Bean security?

Here are the important security features (and there are quite a few options available to you) you should take some time to look at on the Nexus 7:

  • DEVICE LOCK – Open Settings > Tap on Security > Tap on Screen lock. Set a device lock, so only you can access:  You can choose a pattern lock, PIN unlock or password unlock. I suggest you use the password lock as this is the most secure.
  • CONTACT INFORMATION – Open Settings > Tap on Security > Tap on Owner Info. Make sure you leave your contact information on the lock screen in the event your device is lost and an honest person wants to return it to you.
  • ENCRYPT DEVICE – Open Settings > Tap on Encrypt Tablet and you will be asked for either a PIN or password. This is the same that you used for DEVICE LOCK. I have an issue in that this function should use a secondary PIN or password, not the same as used for DEVICE LOCK. A user should verify using DEVICE LOCK then set a new PIN or password for encryption. This function allows you to encrypt your accounts, settings, downloaded apps and their data, media and other files. See bootnote1.
  • PASSWORDS – Open Settings > Tap on Security > Tap Make passwords visible. Now, when you type in passwords your Android phone will briefly display the character before hiding it.
  • DEVICE ADMINISTRATION – Unknown Sources – Remember, NEVER uncheck this feature as this will leave you exposed to non-Play Store apps which might be malicious.
  • WIRELESS & NETWORKS – Open Settings > Tap More… and uncheck NFC – this drains the battery. When you uncheck the NFC function > Android Beam*will be greyed out. See bootnote2.

*For the benefit of my tech readers: Android Beam first appeared on Android Ice Cream Sandwich (ICS) – it reads NDEF data from an NFC TAG which then uses Bluetooth to send and receive the media files. Also worth noting – we did some research back in June which found non-media content worked as expected on Android Beam, however large files that could not be sent using just NFC would only work on 4.1 Jellybean where the API has been updated to leverage Bluetooth for the data transfer. I don’t believe this bug has been fixed.

One final point worth mentioning – Android 4.1.x comes with Wi-Fi Direct (which uses the WPA2 encryption standard) which allows you to connect simultaneously to both your network and a P2P device or Wi-Fi Direct. Man-in the-middle attack possibility?

Safe surfing folks!

Bootnote1: Encryption can be vulnerable to brute force and side-channel attacks, but given you will not be storing state secrets on your Nexus 7, this shouldn’t worry you. Note: Android 4.1 uses AES-256 bit encryption.

Bootnote2: HOTSPOTS typically do NOT encrypt data packets – this is the norm with FREE Wi-Fi on the move. You have been warned.

This entry was posted in android, google, mobile, privacy and tagged , , , , , . Bookmark the permalink.

One Response to Galaxy Nexus 7 Android 4.1 security hints and tips

  1. Deniz says:

    Interesting article, but how do you know that Android 4.1 uses AES 256 bit encryption and not 128 bit like on 4.0?

    And my second question: Is the internal “sdcard” of the Nexus 7 encrypted as well?

Leave a Reply

Your email address will not be published. Required fields are marked *