151 students enrolled

Connecting to Public Wi-Fi Hotspots Securely

File encryption on Android

Smartphones have already become an important assistant in work and play for many. Modern phones are reliably entrenched in our schemes for receiving, sending, storing, creating and editing information. Some of this information is confidential and it is very important to protect it in cases of, for example, loss of the phone or unauthorized access to it.

This article will consider programs specifically for encrypting files, since there are many programs for encrypting and storing other information (passwords, financial information, etc.) and there are no special problems when choosing. When it comes to file encryption, this is a different story. I found 3 similar programs on Google Play that deserve attention. Each of them is still quite young and is developing rapidly. Analyzing them, I will especially focus on the following criteria: compatibility of the created encrypted containers with desktop operating systems, ease of working with files in containers.

These are programs:

  • LUKS Manager
  • EDS Lite
  • Cryptonite

1. LUKS Manager. This is one of the oldest (appeared first) true file encryption programs on Android. Before her there were funny programs that changed the file extension for “encryption”, assigned them the hidden attribute and did other nonsense. LUKS Manager offers the creation of encrypted containers. In this case, encryption occurs “on the fly”. The default encryption algorithm is AES. The program allows you to create, modify, delete containers of arbitrary size (limited only by the size of the phone’s memory). EXT2 / 4 and FAT32 file systems are supported.

This is how the main menu of the program looks like:

To create a new encrypted disk (container), select “Create”. We select the location of the disk, its size and password.

These are the available settings:

To mount (access) our disk, select “Mount”. A list of available discs appears. In my case, there is only one disk – “Safe”.

After selecting the disk, enter its password.

The disk is mounted, you can start working. LUKS Manager has its own file manager. But you can use any other installed on the phone. Since our disk is mounted as a folder, we can perform all the usual actions for folders with it and with its files.

For example, I entered it through the File Expert manager.

It can be seen that the folders of the encrypted disk are no different from ordinary folders and all operations can be performed with them.

Through the same File Expert, you can connect your phone to a computer via FTP and work with an encrypted disk, as with a regular folder on a desktop BB! Those. files can be copied, deleted, opened, etc.

Pros of LUKS Manager:

encryption on the fly, support for various encryption algorithms and file systems;
cross-platform compatibility: disks created by LUKS Manager can be opened on Linux and Windows (on Windows through the FreeOTFE program, which, unfortunately, has serious compatibility problems with 64-bit versions);
working with a container is carried out as with a regular folder.

Cons of LUKS Manager:

the biggest drawback is the lack of compatibility with TreuCrypt containers. If not for this annoying imperfection, LUKS Manager could have been called the best file encryption program for Andoroid of all time, but … alas;
ROOT rights are required to work.

Conclusion: the program copes with its main functions very successfully – encrypting files on the phone is recommended. You can download LUKS Manage by link removed.

2. EDS Lite. The next program is very young, but now it has two features that raise it head and shoulders above all competitors. The first is support for volumes created by TrueCrypt. This is amazing considering TrueCrypt runs on all major desktop platforms. Root rights are not required for the program to work!

The program is young and not everything is so perfect in it, for example, you cannot work with an encrypted container as with a regular folder. However, there is a built-in file manager that supports all standard file operations. You can use the sharing functions to send photos from the gallery or videos from the player, etc. to the container.

To use a container from TrueCrypt to Eds, you need to set the following settings when creating a container.

Encryption Algorithm: AES 256

Hash Algorithm: SHA-512

File System: FAT

This is how the main window of EDS Lite looks like – we are shown a list of containers available for mounting.


New container creation menu:

There are few settings yet – the program is very young:

After creation, select our container and enter the password:

Files can be viewed through the built-in file manager.

When you click on the files, the associated application is launched.

You can create directories, copy, delete files.

But still, what about access to encrypted files from a computer? Do you really have to copy the container back and forth? No, everything is much more interesting and simpler. Connect your phone in disk drive mode. Launch TrueCrypt:

Click “File …” and select your mounted smartphone disk and container file.

Click “Mount” and enter the password. “

And in any file manager (part of TotalCommander in the screenshot), you work with encrypted files on your phone as if they were located on a PC.

Pros of EDS Lite:

support for TrueCrypt containers is an amazing feature, and this is what many expected from such programs;
Root rights are not required;
unprecedented cross-platform support due to support for TrueCrypt containers.

Cons of EDS Lite:

the impossibility of working with encrypted containers through third-party file managers – due to different functions, this drawback is practically leveled, nevertheless, I would like to have such an opportunity.

Conclusion: the program has raised the file encryption capabilities on Android to a whole new level. So far, only the first version has been presented to us, but it is already a serious statement of leadership in this group of programs.


3. Cryptonite. The program is under development and testing. Among other things, it will be allocated support for cloud drives.

To mount containers, Kernel FUSE support is required from the kernel. My phone does not meet these requirements, so in practice I could not evaluate the program. You can view screenshots of Cryptonite at link removed.

Based on the description of Cryptonite, we can state that the program is working now and, possibly, will work with containers only on CyanogenMod ROMs. The chosen cryptographic file system EncFS has not yet been ported to Windows. A possible consequence of this may be the inability to work with encrypted containers from under Windows. On the positive side, attention is drawn to cloud services, which are currently gaining popularity.

So, to summarize the entire article:

currently, convenient and reliable programs for Android have already been created that allow you to encrypt files, folders, create encrypted containers;
you can access and work with encrypted data not only on mobile phones, but also on desktop computers.

You can access Wi-Fi hotspots almost anywhere these days. While it’s a convenient way to connect to the internet (often for free), it’s not as safe as you may think. You may not know who set it up, how secure it is, or who else is connecting to it. There are significant security risks when connecting to an unknown Wi-Fi hotspot. It’s relatively easy, for example, for a malicious actor to see everything you type and every site you visit on an unsecured network.

Where you can’t use your phone’s internet connection instead, there are some simple things to consider and steps you can take to protect your data and personal details when accessing a publicly available Wi-Fi hotspot.

Check Whether You Can You Trust the Provider

While no publicly accessible Wi-Fi network is entirely secure when you do use them, try to stick to well-known networks (for instance, those provided by the store or coffee shop you’re in). Ask yourself why someone would provide a free service and whether they might have a nefarious reason for doing so.

Some hackers use hotspot names that are similar to the names of the location you’re in use. If unsure, ask an employee for the name of the hotspot that they provide.

Don’t automatically connect to any available free hotspots – in fact, it’s good practice to disable this feature on your phone or other devices. For instance, some devices can join other unencrypted wireless networks without your intervention and transfer information; it’s a good idea to close apps you’re not using and/or limit their ability to go online in the background.

Try Not to Access Sensitive Information While Browsing

Even where a trusted source provides a Wi-Fi hotspot, some forms of attack (called ‘man in the middle’) can eavesdrop on your online activity by intercepting data between your computer and the hotspot’s router. The best way to protect yourself against this attack is to use websites that implement encrypted communication (which are labelled HTTPS rather than HTTP). You can also use a Virtual Private Network (VPN) which does the same thing for all your communications (see below).

The best thing to do is assume that someone is listening to (or watching) your web browsing and limit the browsing you do so that it does not include providing personal or sensitive information such as your email address or phone number. In particular, do not conduct tasks like electronic banking or making purchases online through an insecure network as your financial details could be stolen.

Turn Off File Sharing Options and Avoid Downloads

You should disable features on your device that enable easy file-sharing, printer, or network access (such as Airdrop). This ensures that no-one can access your files or send files you don’t want to your device. You should also avoid sending any files that you don’t want anyone else to have access to. As stated above, the best thing is to assume that someone can see these files. Also, don’t download files or install applications or apps when using a hotspot unless it’s necessary.

Using a VPN

If you deal with sensitive information and need to access Wi-Fi regularly (such as when traveling), then the best option is to use a VPN service. VPNs encrypt all data traveling to and from your device through a secure server, and they make it almost impossible to intercept and read your data. While this is best practice for business users and others that deal with sensitive information, it’s probably not a practical option (and not free) for the average user who wants to use a Wi-Fi hotspot from time to time.

The next-generation Wi-Fi security protocol (WPA3) will include built-in security protections for accessing networks through wireless hotspots. Until then, keep the above points in mind when accessing an unknown Wi-Fi network to ensure your security.

0.00 average based on 0 ratings

5 Star
4 Star
3 Star
2 Star
1 Star

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.