Your phone is the single biggest surveillance device you own. It knows where you are 24/7, who you talk to, what you read, what you buy, your health data, your voice, your face, and your heartbeat (if you wear a smartwatch).

In 2025 the default Android and iOS experience is worse than ever — Google has doubled down on AI-driven tracking, always-on location, and cross-device graphing. Apple is marginally better on paper but still phones home constantly and now forces Apple Intelligence processing unless you fight it. Real mobile privacy is possible, but it requires deliberate choices and some trade-offs.

Best privacy-capable devices (longest support, unlockable bootloader, best hardware security):

1. Google Pixel 8a / 9 / 9 Pro / 10 series — only phones that get 7+ years of updates and fully support GrapheneOS

2. Fairphone 5 (Europe) — repairable, but weaker security updates

3. Older Pixels (6a–8) still excellent if bought used in good condition

Avoid: Samsung, OnePlus, Xiaomi, Oppo, Nothing, Motorola — all have permanent backdoors, poor update policies, or preinstalled Chinese/Russian telemetry.

Linux phones (Librem 5, PinePhone Pro, Volla) — true ownership but apps, cameras, and battery life are still bad in 2025. Only for Tier 3.

This stops 95 %+ of mobile tracking while letting you keep banking apps, Uber, WhatsApp, etc.

• Buy a Pixel

Keep stock Android but immediately:

• Disable Find My Device, Google Play Services location, personalized ads, usage & diagnostics

• Install NetGuard or TrackerControl → block internet access for all Google apps

• Use Aurora Store (anonymous Google Play front-end) for apps

• Install Mull or Cromite browser (hardened Firefox/Chromium forks)

• Use ProtonVPN or Mullvad VPN with always-on + kill switch

• Switch to NextDNS or AdGuard DNS (encrypted)

• Replace Google Messages with Signal or QKSMS + Silence for SMS

• Use Bitwarden for passwords, Authy or Aegis for 2FA

• Enable Advanced Data Protection for iCloud

• Disable Siri & Search, Analytics & Improvements, Personalized Ads

• Use Lockdown Mode (only if high-risk — breaks some apps)

• Use Mullvad/Proton VPN with always-on

• Use Orion browser (WebKit-based with strong tracking protection)

• Use DuckDuckGo or Startpage as default search

• Turn off Location Services for everything except Maps when needed

With Tier 1 you’re already vastly more private than 99 % of people.

• GrapheneOS (Pixel only) — the undisputed gold standard in 2025

• Verified boot, hardened memory allocator, no Google services by default

• Sandboxed Google Play available if you need incompatible apps (runs in isolated user profile)

• Automatic reboots, per-connection MAC randomization, sensors toggle, network toggle

• CalyxOS (Pixel + some others) — easier for beginners, includes microG and free ProtonVPN

• DivestOS — great for older devices, very aggressive debloat

• App sources: F-Droid + Obtainium (for direct GitHub/GitLab updates)

• Browser: Vanadium (Graphene) or Mullvad Browser

• VPN: Mullvad or IVPN full-time (WireGuard + multi-hop if paranoid)

• DNS: Mullvad DoH or self-hosted dnscrypt

• Messaging: Signal (disappearing messages, no phone number exposure if possible) or SimpleX / Session

• Email: ProtonMail or self-hosted with FairEmail client

• Maps: Organic Maps or OsmAnd~ (offline, no tracking)

• Keyboard: AnySoftKeyboard or FlorisBoard (no cloud)

• 2FA: Aegis (offline) + YubiKey/Nitrokey where possible

• Work profile: Use Shelter or Insular → isolate work/social apps completely

At this level you can still run 95 % of normal apps (banking, rideshare, etc.) via sandboxed Play Services.

This is for people with serious adversaries.

• GrapheneOS with sandboxed Google Play disabled completely (zero Google)

• No proprietary apps at all — if an app requires Play Services, you don’t use the service

• Daily phone: GrapheneOS, eSIM or no SIM, Wi-Fi only when needed

• Burner phone: cheap Android with prepaid SIM bought with cash for 2FA/voice

• VoIP: Linphone or self-hosted SIP with Jumio/Zoiper

• Messaging: SimpleX Chat (no identifiers at all) or Briar (Bluetooth/Wi-Fi Direct fallback)

• Cwtch for highest metadata resistance

• Location: Phone stays in Faraday bag when not in use. Airplane mode + Wi-Fi only when needed

• Camera/mic: Hardware switches if possible (Pixel 6–8 with Graphene toggle, or Fairphone)

• Updates: Enable automatic updates + reboot nightly

• Backups: Local encrypted with SeedVault, never cloud

• Financial: Privacy.com virtual cards or Monero wallet only

• Authentication: Only YubiKey/Nitrokey 5, no biometrics ever

• Remove all external microphones when possible (some people desolder them)

• Use external GPS (Bluetooth) only when needed

• Smartwatch: Garmin Instinct 2 (no mic, no cloud sync) or nothing at all

[ ] Buy a used/refurb Pixel 8a or newer (€300–500)
[ ] Unlock bootloader & install GrapheneOS (web installer, 30 minutes)
[ ] Install F-Droid + Obtainium
[ ] Set up Mullvad VPN (pay with Monero) + always-on kill switch
[ ] Install: Vanadium, Aegis, Organic Maps, Signal/SimpleX, Bitwarden, FairEmail
[ ] Enable sensors permission toggle, network permission toggle, auto-reboot
[ ] Move all banking/social apps to separate work profile (or delete them)
[ ] Get a YubiKey 5 NFC and register everywhere possible
[ ] Turn on iOS instead: Enable Lockdown Mode + Advanced Data Protection + Orion browser + Mullvad VPN
[ ] Additionally check out: Using an iPad for secure comms

Do this and your phone goes from being Google/Apple’s wiretap to being effectively invisible to everyone except nation-states with physical access.

The truth in 2025: If you use a normal iPhone or stock Android with your real identity, you have almost no mobile privacy. But with a Pixel + GrapheneOS + the Tier 2/3 practices above, you have stronger operational security than most intelligence agencies had 15 years ago.

Choose your threat model, implement ruthlessly, and never go back!

If you want to support my work, please, consider donating me:

• 0x1191b7d163bde5f51d4d2c1ac969d514fb4f4c62 or officercia.eth — all supported EVM chains;

• 17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU or bc1q75zgp5jurtm96nltt9c9kzjnrt33uylr8uvdds — Bitcoin;

• BLyXANAw7ciS2Abd8SsN1Rc8J4QZZiJdBzkoyqEuvPAB — Solana;

• 0zk1qydq9pg9m5x9qpa7ecp3gjauczjcg52t9z0zk7hsegq8yzq5f35q3rv7j6fe3z53l7za0lc7yx9nr08pj83q0gjv4kkpkfzsdwx4gunl0pmr3q8dj82eudk5d5v — Railgun;

• TYWJoRenGB9JFD2QsdPSdrJtaT6CDoFQBN — TRX;

• 4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds — XMR;

• DQhux6WzyWb9MWWNTXKbHKAxBnAwDWa3iD — Doge;

• UQBIqIVSYt8jBS86ONHwTfXCLpeaAjgseT8t_hgOFg7u4umx — TON.

If you enjoy my content and want to help keep it ad-free, please consider supporting my work through donations. Your contributions will allow me to dedicate more time to crafting in-depth articles and sharing even more valuable insights.