How to secure an android device
I am increasingly conscious of security and privacy. I don't want my data or telemetry being sent to google or Facebook, and I want to make sure my device is encrypted and not readable by anyone other than me.
Is there a standard go-to guide on securing an android device with these types of goals in mind? Is true privacy possible without having to install Graphene?
I run GrapheneOS its a 3rd party degoogled ROM with lots of great security features. Its also incredibly entertaining every time google or apole comes out with a new security update or patch to a critical security issue and the GrapheneOS devs go yeah we did that 2years ago.
Yeah I just don't want to ditch my perfectly good Galaxy A54 until it's actually broken
AFAIK, there's two types of "secure" when it comes to Android:
(I guess a third "secure" would be 'Secure against exploits", but that's outside the scope of my advice).
It's not impossible to be both types of secure, but it is difficult. The main reason both is hard is because to achieve #2, you have to unlock the bootloader which leaves you open to #1 since re-locking it after installing a good custom ROM will prevent the device from working (or brick it at worst).
Achieving #2 is sufficient for me since I don't keep a lot of sensitive data on it, and that sounds like what you're asking.
On my phones that support it, I do unlock bootloader, install LineageOS without GApps, and make sure I have root available. I run few apps, but the ones I do all come from FDroid (or Aurora Store in a pinch).
On phones where I can't unlock the bootloader, my options are much more limited. Typically I'll disable all the Google and carrier services (including Play Services) and disable and replace all the stock apps with ones from F-Droid.
If my phone is physically compromised and the bootloader is unlocked, my hope is that storage encryption would make it a "non-issue". Yes, they could wipe the device and delete my data then resell the phone, but at that point all they've stolen is a $300 phone with maybe $80 resale value and not my entire identity
not sure about standard, but privacyguides.org has some nice resources for getting started. I recommend their "threat model" resource in particular; it shows you what direction you should work towards depending on your privacy goals.
Privacy Guides has an Android page as well.