
As long as you keep the device in your possession with a quick option to wipe it, I believe that mitigates the unlocked bootloader. Graphene locks the bootloader as a more secure option.

I tried Invizible Pro and do not see an option for split tunnelling. I suppose Orbot may be a better choice if authentication to one of those services is needed.



An unlocked bootloader disables Verified Boot, which makes your phone vulnerable to rollback attacks.

In doing so, it also disables integrity checks, thus making persistence (even without rollback) a lot easier for a potential attacker.

So your phone becomes a lot more vulnerable to all kinds of attacks, not just physical ones.

See also: the Android Documentation for verified boot (https://source.android.com/docs/security/features/verifiedbo...)
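To check the state this comment describes on a real device, the added example below (not part of the thread) classifies the output of `adb shell getprop` using the standard `ro.boot.verifiedbootstate` and `ro.boot.flash.locked` properties. The sample dumps are constructed, and the "inconsistent" verdict is an assumed heuristic for property values that contradict each other.

```shell
#!/bin/sh
# Added example: classify Android Verified Boot state from a `getprop` dump.
# Real use: adb shell getprop | classify_boot_state

# get_prop KEY: read "[key]: [value]" lines on stdin, print the value of KEY.
get_prop() {
    tr -d '\r' | sed -n "s/^\[$1\]: \[\(.*\)\]\$/\1/p" | head -n 1
}

# classify_boot_state: getprop dump on stdin, one-word verdict on stdout.
classify_boot_state() {
    dump=$(cat)
    state=$(printf '%s\n' "$dump" | get_prop ro.boot.verifiedbootstate)
    locked=$(printf '%s\n' "$dump" | get_prop ro.boot.flash.locked)
    case "$state" in
        green)  verdict="verified-oem-key" ;;     # locked, OEM root of trust
        yellow) verdict="verified-custom-key" ;;  # locked, user-set root of trust
        orange) verdict="unverified-unlocked" ;;  # unlocked, no verification
        red)    verdict="verification-failed" ;;  # locked, image did not verify
        *)      verdict="unknown" ;;
    esac
    # Assumed heuristic: a "verified" state reported together with an unlocked
    # bootloader contradicts itself, so the properties should not be trusted.
    if [ "$locked" = "0" ]; then
        case "$state" in
            green|yellow) verdict="inconsistent" ;;
        esac
    fi
    printf '%s\n' "$verdict"
}

# Constructed sample dumps (not captured from any real device).
SAMPLE_CUSTOM_LOCKED='[ro.boot.flash.locked]: [1]
[ro.boot.verifiedbootstate]: [yellow]'
SAMPLE_UNLOCKED='[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [orange]'
SAMPLE_CONTRADICTORY='[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [green]'

for s in "$SAMPLE_CUSTOM_LOCKED" "$SAMPLE_UNLOCKED" "$SAMPLE_CONTRADICTORY"; do
    printf '%s\n' "$s" | classify_boot_state
done
```

A `yellow` state corresponds to a relocked bootloader with a custom ROM's own signing key; `orange` is the unlocked case where no integrity check runs.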


This only works if you trust the ROM though, otherwise I'd say it's even worse than no protection since it can prevent you from cleaning up the device.


If you can't trust your OS, trying to anonymize it is useless.

Verified boot doesn't prevent you from cleaning up the device. Modern Android phones have wonderfully sophisticated per-file disk encryption.

In Pixels, the decryption key is stored in a secure enclave (Titan M). If you want to wipe the device safely, you can just reset the OS. (This deletes the decryption key from the secure enclave, which turns all user data on the user data partition into random junk.)

GrapheneOS for example gets all of these things right. It is possible to make your phone secure, but not by permanently unlocking the bootloader and rooting the device.


> If you can't trust your OS, trying to anonymize it is useless.

Well yeah, welcome to the modern smartphone era. Those protections are useless or counter-productive because the base ROM already has spyware baked into it.

I don't know why some people consider a Chinese no-name pre-installed ROM more secure than LineageOS, but that's not how it works.

> In pixels, the decryption key is stored in a secure enclave (Titan M). If you want to wipe the device safely, you can just reset the OS. (This wipes the decryption key from the secure enclave which turns all user data on the user data partition into random junk.)

None of that matters if your data is just sent to Google anyways.


> Well yeah, welcome to the modern smartphone era. Those protections are useless or counter-productive because the base ROM already has spyware baked into it.

If you assume this to be correct, then there's no point in attempting to make your phone private. Privacy isn't possible without security.

> None of that matters if your data is just sent to Google anyways.

When you use a custom ROM, that's not necessarily true. But using a custom ROM doesn't necessarily mean you have to permanently unlock your bootloader, so that argument doesn't make sense.


> If you assume this to be correct, then there's no point in attempting to make your phone private. Privacy isn't possible without security.

You have it the other way around, security starts with privacy at its absolute minimum. If data is sent to a third party every time you tap something on the phone, you are using an insecure phone, regardless of what complex hardware they are using.

> But using a custom ROM doesn't necessarily mean you have to permanently unlock your bootloader, so that argument doesn't make sense.

True, depends on the phone though, some of them cannot be locked again and there's no way to completely fix those phones with a better ROM.


I disagree. You can’t keep data away from others when it isn’t safe. Security doesn’t necessarily imply privacy (as demonstrated by your argument), but making something private is impossible without making it secure. How can you hide something in your house when it doesn’t have a lock and anyone can just walk in? Likewise, how is your phone private if, say, anyone can unlock it?

> True, depends on the phone though, some of them cannot be locked again and there's no way to completely fix those phones with a better ROM.

Then you shouldn’t use those phones for a secure setup. I think we can agree on that. But the author of the article used a phone that is capable of locking the bootloader with alternate ROMs.


> How can you hide something in your house when it doesn’t have a lock and anyone can just walk in? Likewise, how is your phone private if, say anyone can unlock it?

Security requires privacy. A phone without privacy is insecure by design, insecure because it leaks data.

And the biggest danger to consumers nowadays isn't a bootrom exploit but that their location, card payments and data profile are sent to advertisers.


You might never get a chance to wipe it. I had a cop whip out a loaded gun and point it at my head to take my phone out of my hand. I didn't even have a lock code as there was nothing to hide, but if I had been a criminal I would not have had time or opportunity to do anything without my brains leaving my skull.



