Quote from: comsec on July 01, 2013, 08:37 pmMost exploits rely on root being installed, and especially package manager + root. To prevent this build with seandroid MAC or use another permissions check like Open-Pdroidhttp://forum.xda-developers.com/showthread.php?p=42368298#post42368298The most important things :- locked bootloader to prevent encryption key recovery- no recovery mod or sabotaged one so they can't easily flash some forensics exploits- disabling bluetooth, gps, google location service and NFC. disable wifi if not using it- full encryption, then download 3rd party screen locker (or run your own) and uninstall it. now can use different pw for full disc and screen unlock instead of having to type in a gigantic unlock password - not using a carrier install, installing anything else even Cyanogen mod (with su, pm and adb removed or chmod 000)- not using the regular browser ever, only ORweb + Tor because Android is using old linux kernels full of known exploits- turning off roaming to avoid Stingray fake FBI towers- VPN or traffic through Tor to avoid carrier snooping and Stingray You can also run that Nexus 4 rom in an Android Emulator and probably use it to make calls with Redphone + a Google voice number. I haven't tried it.I think going to this level is overkill, but I don't plan to be actively hunted anytime soon, so my perspective is probably different... I also have no idea how you're going to route all traffic through Tor without any sort of superuser permissions -- that happens at the kernel level? Or are you saying that Cyanogen already does this these days? The problem is that every time you boot you need to re-apply it, so you're going to need root permissions every time you boot...?Quote from: astor on July 01, 2013, 08:57 pmThis is great advice and I will have to look into it, but aren't there problems with Tor on unrooted phones? IDK, I've never run it on a phone myself as I've always considered phones too unsafe for that. Up until now, I've simply avoided doing anything illegal on a phone, but if it's possible to make a phone safe, that's great. Occasionally people ask about it here on the forum.Tor doesn't require root, but the transparent proxy stuff does (to the best of my knowledge). So basically the tor app runs exactly like it does on your PC, and your browser uses it exactly like on your PC too. By way of analogy, Tails would require root permissions because it fucks with the kernel NAT stuff. Er, that's ambiguous... not in a hacking way, in a "uses as designed," way.