New phone purchase and privacy concerns
March 23, 2023 10:41 PM

After eking out the life of my Android phone, it's time again to get a new one. I'm keen to find out if there are any Android phones that offer worthwhile privacy protection.

After using a Huawei Y7 for several years, and Huawei getting some bad press on the matter (deserved or undeserved), I'm wondering if it's worth it exploring other options.

Reading a few articles on the matter doesn't give me too much hope. It seems that having any smart phone in your pocket means you're potentially open to exposing your data.

I know this is a serious rabbit hole, so I'm really trying to work out if there are any recommendations out there that offer reasonable privacy for a careful user.

Or should I just buy the best built phone and use it with care?

Brands and models available here in South Africa in my price range:
Honor X7A (also 6 and 8 versions) (I'm aware that Honor is connected to Huawei)
Samsung A33 5G
Oppo A57s

Note: Apple products are way too spendy
posted by BrStekker to Technology (5 answers total) 3 users marked this as a favorite
 
Best answer: Privacy is a broad area and it might be worth thinking about whether you have a particular concern over snooping by governments, law enforcement, the phone manufacturers, advertisers etc. Different measures are often focussed on different threats and may not be the most appropriate for you.

The standard recommendation for a privacy-focussed Android phone is to buy a Google Pixel (a used one if necessary to meet your budget) and install GrapheneOS on it instead of stock Android. However, Pixels might not be easily available in SA or installing a custom ROM may be beyond your technical comfort level.

If you're comfortable with the technical side of installing a different ROM but getting a Pixel is a non-starter, LineageOS (with F-Droid rather than GAPPS) is a decent alternative for privacy but afaics it's not officially supported on any of the phones you list. You could investigate whether other devices that do support it are within your budget and locally available.

If you do have to buy one of the phones above and use the stock ROM, my bias would be to go for the Samsung. I know someone who has a highly sensitive government job and their security team approves only a very small number of mobile devices, including Samsungs.

Then you need to lock down the privacy in both your phone settings and Google account as well as minimising the number of apps you have, minimising permissions, exploring privacy-focussed alternatives to the apps you use etc. Android Police have a decent basic guide but if this is a particular concern of yours, PrivacyGuides.org is a thorough and detailed resource.

You are right that simply owning a smartphone reduces your privacy considerably, but making the best choices does reduce the risk and is far better than giving up on privacy entirely in frustration at how hard it is.
posted by Busy Old Fool at 4:35 AM on March 24, 2023 [5 favorites]


I have a several-year-old Samsung phone and a new-this-year Samsung tablet. In my experience, Samsung devices come with a mix of software and services mostly without any explanation. For example, I'm pretty sure there is a backup option but I have no idea how to control it or take advantage of it.
posted by SemiSalt at 5:05 AM on March 24, 2023 [1 favorite]


Best answer: Busy Old Fool is much more informed than I, but I run a Samsung Galaxy Note20 Ultra (out of your budget) as I need dual sim and a stylus.

However, on the software end of things, you can install things that restrict your phone / other apps from doing things you don't want them to. For instance, I use Bouncer to alert me when any app tries to gain permissions.

I use Duck Duck Go as my browser (phone and laptop) and it turns off ad tracking of all kinds.

Etc.

My point is that even if you don't get your ideal phone from a security perspective, there are still things you can do to minimize exposure.
posted by dobbs at 7:29 AM on March 24, 2023 [1 favorite]


A small bit of advice: if you're trying to lock down your front door (i.e., cell phone in your pocket), don't leave your back door wide open (i.e., see this article on "Web fingerprinting" via your Browser... they recommend Firefox with a specific change to one of the configurations, otherwise even using Private mode and Duck Duck Go won't maintain your privacy).

Edited because I forgot to put the link in.
posted by forthright at 4:16 PM on March 24, 2023


Best answer: Busy Old Fool's comment is a good one, and I'll second the notion that you need to define your threats before going much further down this path.

There's no single device or piece of software that can ensure your "privacy", because "privacy" is a nebulous term. (So is "security".) What information do you want to keep private, and most importantly, from whom?

The technology and processes that you'd use to keep, I dunno, racy text messages private from an overbearing family member who might look through your phone if you leave it unattended are different than the technology and processes you'd use if you're a reporter corresponding with Chinese nationals about the Xinjiang internment camps. And there are certain steps you might take in the first situation (like putting stuff into a commercial encrypted cloud service) that might be actively harmful in the second one.

I currently use iOS, because I think it's a better match for my privacy/security concerns, and I do not think the cost difference is as much as you are making it out to be if you look at used iPhones. Although the Android ecosystem has made some improvements, the service life (with security updates) on iPhones is generally quite a bit longer than Android handsets, and so there's a significant used market that's worth looking at.

On the Android side, I'd only consider handsets that have an unlocked or unlockable bootloader. Even if you don't actually use it or care about reflashing ROMs or that sort of thing, it's my experience that phones that are capable of being unlocked and reflashed generally (1) have a much bigger enthusiast community around them, so there are more knowledgeable, hacker-type people looking for bugs etc., and (2) typically aren't made/sold by companies whose business models depend on semi-nefarious stuff like bloatware and pre-installed tracking/telemetry apps.

I would avoid Huawei, ZTE, and Xiaomi, and any fly-by-night/generic (re)brands. OnePlus seems to have a better reputation despite being a Chinese brand, but I've heard comparatively little about them. It seems like they run basically stock Android, which is good? I don't see any reason to look hard at them, though, given alternatives.

If you want really broad-brush advice, keeping in mind what I mentioned earlier about needing to consider different threats and scenarios, and you definitely want Android, the safest choices available appear to be the Google Pixels and the Samsung Galaxys. And between the two, I'd give the edge to Samsung. But either way, I'd be sure to get a model that has several years of supported lifetime (with security updates) left.

But this is really just the first step and in some ways it's the most trivial. How you use your phone—what apps you install, what services you use, how you manage passwords, whether you use 2FA, where and when you turn it on—will matter much, much more to your privacy/security (in almost all threat scenarios, from skeezy siblings to APTs) than the brand, once you have eliminated the bad options. Someone who uses a sketchy Huawei phone bought in a night market but does so carefully is probably able to control their digital footprint much more effectively than someone who uses an S20 or iOS device and immediately installs and signs into a few dozen apps on it.
posted by Kadin2048 at 9:15 PM on March 24, 2023

