Best Practices
The following advice is given to prevent compromise of the device.
Operate on a zero-trust model
Limit trust in all parties where feasible.
Treat all signals as hostile
Always limit incoming signals.
When connected to WiFi, it is advised to reduce incoming connections by enabling airplane mode.
Legacy protocols such as 2G/3G could lead to packet injection or other means of compromise
Limit the use of these Cellular protocols with the following setting alteration:
Settings > Network & Internet > Mobile Network > Preferred Network Type > Select LTE Only
Reduce the use of proprietary (closed-source) software
Black box or closed-source code places a substantial amount of trust in the software developer(s) / software issuer.
Android Open-Source Software (AOSS) is preferred. However, open-source does not guarantee privacy or security.
Validate application signatures with the developer when available.
Prioritize Communications Security (COMSEC)
Use end-to-end-encryption (e2ee) for your communication.
Opt for programs like Signal[.]org & Threema[.]ch.
Proactively audit permissions
Applications should be audited (ideally as they're installed).
Stringently assign permissions. Applications should rarely, if ever, be provided the Sensor permission.
Reduce running services
Close out applications when no longer in use.
Stop the NFC & printing service:
Settings > Connected Devices > Connection preferences
Don't become a target
Most phones are compromised through weak implementations of cryptography and centralization of services. We seek to limit and avoid anything that would create anomalous looking traffic/activity.
As blunt as we can be, if you are a target, you are compromised. Prevent yourself from being the anomaly that intelligence communities seek to detect.
Anonymity Retention
There is a high probability that this falls outside of your threat model.
If this is indeed a priority, it is advised to purchase the handsets with all transmitters and sensors removed.
The option of anonymity is ultimately yours; Anonymity going forward after receiving the device is entirely up to you.
All payment options are tailored for both vendor and user privacy.
The device will be anonymously procured, and your information will not be retained for more than the designated period highlighted on our Secure Flashing page.
Be conscious of the cellular mechanism (if not desoldered), as this is the most de-anonymizing component of the device.
If you seek total anonymity, do not allow the handset to transmit data around any of your devices, and it is advised to keep the device in a faraday bag, especially when moving closer to homebase.
While anonymity is extremely hard to retain, the proper discipline can achieve those ends.