Ask HN: How to harden an android phone
As a paranoid owner of a new nexus, what recommended steps should I take to enhance security and privacy?
The first thing any competent practitioner is going to ask is this:
What is your threat model?
Are you the next Edward Snowden? A Russian doing drug deals on dark markets? A clerk at a locally run convenience store? Some tech worker in the Bay Area? A journalist in Western Europe? A Wal-Mart employee organizing to form a union? A free-software proponent and developer?
The answer here is to do some threat modeling. What activities are you involved with that may be interesting to those with power and capabilities? Are you concerned with powerful state or corporate actors? Are you concerned with the run-of-the-mill privacy invasions in typical Android apps?
For Nexus phones there's CopperheadOS [1], a hardened Android version focused on security. It sounds great but I haven't tried it. It's also nice that they try to upstream some of their work.