Just some simple reminders.
Nothing on a phone is private or secure.
Signal is secure against ISPs and telecom providers.
Signal is not believed secured against state actors. See point one above.
Please note the recent stories that signal had been hacked. It wasn't and required physical access, which provides unencrypted access to the encrypted data store. Google, apple, and three letters have the ability to directly access anything on your phone. Basically equivalent physical access.
LineageOS and GrapheneOS both come without Google Play Services or uninstallable spyware like Facebook and Twitter. With the right hardware, they also do their best to defend against attacks from baseband/firmware.
That's certainly possible. However, you need to understand the application processor is not the primary processor. The primary processor runs a blackbox RTOS and controls the radio. Normally this processor has full access to the same buses. Which means memory, storage, gps, camera, wifi, and microphone. Meaning you can be observed without notice and without an active call. Which also means equivalent physical access.
This is the real story behind 5G and why china was pushing the "dangers" of 5G after they started getting kicked out for national security reasons. They were trying to delay adoption, hoping they could get their spying infrastructure in place instead.
This is also the primary reason physical battery removal is hard to come by now.
Nothing is secure on a phone.
Thanks for elaborating. The technicals align with what I have read elsewhere.
GrapheneOS in particular has a pretty strict definition of what is a "supported device" based on a lot of the same scenarios you mentioned above. I'd certainly be interested in your take:
(post is archived)