Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Does my Android phone need a firewall, and is tethering safe?

Question:

Appreciated if you could kindly answer these two questions: 1. My Android
phone has been installed with Avast mobile version (antivirus, web shield “on”
… ) but NOT with their firewall as this will require phone rooting. My
question is will I be better off having it rooted and (supposedly) secured with
a firewall or keeping the current setup? I have been largely a satisfied user
with Avast in my PC for years and also occasionally have been doing some
internet banking via my phone.

2. I am also interested in tethering my phone to my laptop via a software
like EasyTether, as this is legal in the country where I live though bandwidth
might be throttled by my ISP (that’s a different story). Are there any security
concerns or issues that I should be aware of, given the infrequent internet
banking I do? Or put in other words, is it safe as the app maker suggests the
https sites data will remain encrypted? Though I suppose Android being open
standard is as good as how often app maker update/ patch up their software from
loophole(s) hackers from time to time may find. I’m thinking EasyTether as it
is done via micro USB cable not Wifi and so presumably safer and also it does
not require that my phone be rooted (but this relates this question 1). Thanks
for your reply!

In this excerpt from
Answercast #32
, I look at the issue of rooting a phone just to get a
firewall and staying safe through a tethered connection.

]]>

Do you need a firewall?

So, first question, do you need a firewall on your phone and is it worth rooting the phone to get one?

  • I don’t think it is, especially if the phone is standalone.

My answer may change sometime in the future, but for the time being, I don’t believe that the threat is big enough to warrant rooting your phone just to get a firewall.

The assumption is that over time the threat against Android phones and iPhones will increase as they both:

  1. Become more popular and,

  2. Hackers spend more time focusing on them as targets.

For now, I really don’t think it’s an issue. To be honest, if you’ve got your Wi-Fi on the phone turned off, then the only network that you’re exposed to is the cellular network: the cellular data network. I really don’t see that being that big of an issue.

So if you’re really concerned:

  • Turn off the Wi-Fi when you’re in some place that you’re not certain about.

Is tethering a phone safe?

Now, as for question number two: tethering and is it safe?

Obviously, when you setup to tether your phone to your laptop, you are connecting your laptop through the phone to the cellular network.

  • That is more or less like being on the internet naked.

I do recommend that you have your firewall turned on, on your laptop, since (when you’re tethered) that is the device that is exposed to the internet. But, that’s about all I would do.

The other thing, of course, is treat it as if you’re in an open hotspot: which implies that you will make sure that everything’s encrypted or done through https.

But in reality, if you’re at home and you’ve got a PC connected directly to the internet, the standard advice we would use there applies here. That is:

  • Have a firewall; turn on the software firewall on the laptop that you’re tethering.

  • Don’t download silly things.

  • Use https for your banking connections (it will certainly stay encrypted through the tethering application – the tethering application is simply handing packets back and forth, so it really doesn’t care whether they’re encrypted or not).

… and you should be fine.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.