I've never been a security conscious guy until recently, where suddenly it seems like I've gone full blown paranoia in face of the inevitable cyberpunk future.
Basically, I want to know how to encrypt my entire (Year and a half old) Android phone as much as possible, so that the data is mine and not available to be taken by any government. I've installed Tor and trying to use Signal for messaging (Gotta get other people using it first), but I wanna know what the next step is to securing myself.
I'd recommend you to flash a custom rom based on AOSP. That way you get sure of not having any software backdoors on the phone. If you want to know what custom roms are available for your phone, search for your phone model + xda and you'll get to the dedicated forum for it, if it exists.
If you don't trust google anymore, you can always decide to not flash the google apps (gapps for short) on the new custom rom. Since the gapps include all of the google services, gmail, and the play store, is kinda hard giving up out of the air. In case you decide to do so, you can always use f-droid or apk mirror to get apps in your phone.
>the data is mine and not available to be taken by any government It' isn't possible to achieve that with a phone. The modem system is proprietary, and it can control (if good modem isolation isn't provided) RAM, storage, GPS, camera and microphone. Also the phone connects to base stations without requiring any kind of authentication, and anybody can set up a fake base station to steal your data. Also the disk encryption on android isn't very good. https://arstechnica.com/security/2016/07/androids-full-disk-encryption-just-got-much-weaker-heres-why/ The best that you can do is to flash with an open source ROM that removes every Google apps and use FDroid. I wouldn't recommend Signal since it's only avaible on Google Play and it does use Google Plays Services and Google Cloud Messaging.
>>4556 When you say that you don't recommend Signal it's be useful if you provided an alternative. If there isn't one (Matrix could be in the future, now it's still pretty buggy and not very user-friendly if compared to Signal).
>>4561 For Android in order of quality when accounting for both security and stability, it goes conversations (omemo, otr, pgp), zom (otr) and chatsecure (otr); the last should be avoided as project maintenance is constrained. I wish you luck in convincing others to pay for conversations, seeing as people seem to just expect things for free without contemplating the "nothing in life is...", thanks to stasibook and co *sighs*
>>4566 OP may roll with F-Droid but nonlains would predictably stay vanilla. Suggestion could be, build the APK yourself and upload to a throw away google play account and direct contacts to your build, but then you'd start feeding into alphabet which goes against trying to stray away from using their services...
>>4556 I've been thinking for a while it would be better to use a dedicated mobile hotspot with a small wifi-only tablet. Would be a pain carrying two devices but would solve the malicious base station problem no?