The Privacy Cookbook usually provides guidance and instructions on how to make your existing hardware more secure. In today's chapter section, I want to cover the question"if you are up for a new device, what should I get?"
When it comes to cellphones, let's be blunt, you will never be private. We have covered iOS and Android in the past together and I've even covered how to get maximum security out of your Samsung phone by deactivating, via ADB, applications that are pre-installed. However, whilst these are all a really good direction in which to go, it will never be possible to be fully private on these devices.
Let's now assume you are up for a new device, and you really want to go down the privacy road. This means not a Samsung, not an iPhone but something with maximum security and privacy. Well, it might surprise you to discover you may have a few options.
Linux on Mobile
If you are adventurous and actually need a phone to make calls on, surf the internet, perhaps chat via Matrix and/or Signal, send a few SMSs then you could go with the PinePhone
The PinePhone has come a long way since the start and thanks to a highly driven Linux community you already have multiple operating systems focusing ton bringing an app ecosystem to the Linux phone. Manjaro and Mobian seem the best fits so far and are definitely a good choice when it comes to an OS on an open-source cellphone. The Librem 5 is another great product which comes focused on privacy straight 'out of the box'!
Both options seem to be phones which are ready for use as a daily drive, yet should be considered as at the beta stage. However, I still believe Linux phones in combination with open-source soft and hardware is something I consider the best when it comes to your privacy.
Yes, we have ways, via ADB, to remove or deactivate Google spyware on Samsung and co. However, this is not a solution that is considered super private, so if you want a deGoogled device you could look into Lineage.
However, since this article is about what to go for if you are up for a new device, I'll recommend going with a Pixel Phone. Yes, a controversial approach, get a Google powered phone, to get away from Google trackers!
Consider the Pixel 4a because it is half the price of the Pixel 5. The Pixel 5 is water and dust resistant and has a 90MhZ refresh rate vs 60 MhZ on the Pixel 4a, but other than that the Pixel 4a is pretty much the same phone, but for half the price. After you got a Pixel device you can choose between CalyxOS or GrapheneOS.
If you need a phone that is as close as possible to a Google flavored Android, including apps which need Google Play Services (I believe most apps work even if you get Google Services missing messages), then go with CalyxOS, which has an option for MicroG. It also has the Google Camera and offers an easy setup during the first boot including which apps you can choose to install, MicroG and many more. I know many people who claim CalyxOS is also the faster OS between the two and a smoother experience.
However, I am using GrapheneOS and chose it because of the privacy and security hardening GrapheneOS offers over CalyxOS. Both of these operating systems are Google and tracker free and can run most Android apps. F-Droid is a pre-selection on CalyxOS, whilst on GrapheneOS you need to download it from f-droid.org
Both CalyxOS and GrapheneOS are simple to install, and worry not, the phones are great, even the camera is impressive.
I have tried my fair share of computers and companies in the past, but the two companies I recommend here are Purism (Librem 14), which even has a physical kill switch for Wi-Fi/Bluetooth and the microphone/camera.
Or my personal daily drive which is a System76 computer.
I've worked with both companies products and in my personal experience System76 is just second to none when it comes to hardware, software and service. The team is helpful and communicative, the updates are fast, and most laptops come with coreboot which makes it private and Intel spying free! System76 has affordable computers and laptops, and comes with Pop_OS pre-configured. This means during the first boot you chose an encryption key for your computer and then all you have to do is wait to install Pop_OS.
Even for someone who has maybe never used Linux previously and now wants to make a switch for greater privacy, I doubt will have any issues with Pop_OS.
So privacy can be achieved and all on some great products!