SECURE: Advanced toreopp - Mobile Security Configuration

Last updated
Sep 7, 2021
Brand
OnePlus
Model
5T
Mobile OS
Custom Android-based (see below for details)
Mobile OS version
ArrowOS 11.0 RQ3A.210905.001 (Android 11)(AOSP)
Mobile system updates
Manual - check for updates, but do not install system updates
Mobile app updates
Manually allow app updates
App privacy permissions
  1. Android - Block unknown apps
Explicitly allowed
Per install basis.
Magisk, YouTube Vanced, AdAway.
Play Protect settings
Automatic - allow periodic scans to protect against potentially harmful apps
Real-time security apps
None

Malwarebytes On-demand
Authenticator apps
Google, Microsoft, Blizzard, Duo
Autofill & Password apps
Bitwarden
Find my phone
Managed by the operating system
SIM card security
SIM card is passcode protected
Screen lock settings
Password
Biometric lock settings
  1. Fingerprint or TouchID
Sharing visibility
Off or Hidden - block all incoming files
Browser apps
Opera, Chrome
Content filtering apps
AdAway
Opera: Built in krypto and ad-blocker
Phone & Caller ID apps
Should i Answare?
Messaging & Social apps
Signal, , Telegram, Discord, Snapchat
Music & Podcasts apps
Youtube Music Vanced, Pocket Casts
Video & Livestream apps
VLC, Twitch, Youtube Vanced
Games & Optimisation apps
None
Secure DNS
ISP (with filtering) on Wi-fi
VPN
Privado VPN
Maintenance and Cleaning
None
(only built in tools)
Personal Files & Photos backup
google account, google fotos
Personal backup routine
Automatic (scheduled)
Personal changelog
12.09.21:
-New version of OS with september security update
Feedback Response

General feedback

toreopp

New Member
Mar 12, 2016
8
I do weekly manual updates trough the update service (notifications is on). Updates has to be done trough TWRP. Bootloader is encrypted.
App update is disabled so not too overwrite my Vanced apps, i do manual updates when i get notified.
I use F-droid or apks to update non playstore apps.
Developer options is unlocked, usb debugging is off, Rooted, bootloader unlocked.
Full GApps and SELinux is in permissive mode.
Kernel: 4.4.281-Arrow+
Magisk: Tapjacking protection ON, Biometric Authentication ON

Security update: 05.09.2021 (up to date)

I use custom builds because latest offical is Android 10(OxygenOS 10)
 
Last edited:
  • Like
Reactions: Nevi and harlan4096

Thiagoo

Level 3
May 10, 2021
95
SELinux shouldn't be in permissive. It's a important part of Android security. Set it as Enforcing and if your ROM doesn't support it you should use stock instead.

Running all time with root privileges is also a terrible practice.
 
Last edited:
  • Like
Reactions: Gandalf_The_Grey
Top