Stock OS before removed

faxe

8v55 I usually set up my new phones in the shopping center where the store where I buy my devices is located since they have free wifi there.

horde

Probably9857 Go to a location without cellular coverage, to avoid the IMEI being linked to a location. However, you will need internet access for the installer device. Maybe a basement, concrete bunker, Faraday cage, etc.

But you will need internet connection to unlock OEM in Google stock OS so you can install GrapheneOS.

faxe advice is very great.

stupidcreature

DeletedUser87 speakers can still be used as microphones so taping it up is pointless; and even if you get rid of the speakers, good luck getting rid of the gyroscope

DeletedUser87

stupidcreature that's true, but such generic 'mumbled' noise will hardly be useful unlike very specific sounds. Just wanted to add some suggestions to decrease attack surface.

DeletedUser69

Don't worry too much, just install GrapheneOS and enjoy "sandboxed Google free" experience (i.e. don't go for Google Play as tempting as it may be).You'll be much better off than most of the folks on this forum. But beware of the steep learning curve.

Guillaume

DeletedUser69 I confirm it's abrupt😂

ryrona

When I had bought my phone, I started it up with stock OS, without having any SIM card inserted. I skipped creation of Google account in setup wizard, and skipped setting up anything else I could skip too. Ie, I set a simple PIN, no fingerprint unlock or anything like that. I connected to my home Wifi. Let it install all OS updates. Factory defaulted after that. Then OEM unlocked it and began installing GrapheneOS.

This way, no information about my phone would be associated with any Google account, email address or phone number. I think this is the minimal information one could leak.

Probably9857

ryrona

That's what I would personally do also.

But even without SIM, the phone still connects to cellular network, revealing IMEI and location. The IMEI may already be linked to you through purchasing the phone. It will now also be linked to where you live. If you ever connect to a cellular network with that device, you could be identifiable. It will depend on threat models whether that is a real risk.

Hb1hf

horde But you will need internet connection to unlock OEM in Google stock OS so you can install GrapheneOS

That's what I was thinking. Don't you need to set up the phone first, to get to that? Use a Google account?

Probably9857

horde

horde But you will need internet connection to unlock OEM in Google stock OS

That is a good point. So, I guess there is no way to avoid revealing the IMEI + location to the cellular network. If that is a risk, then it is even more important to acquire the device anonymously.

horde

Hb1hf No, Google account is not needed.

ryrona

Probably9857 True, but I intended to and do use cellular with a SIM now when on GrapheneOS, so they still have my IMEI and precise location either way. That is not an issue in my threat model. Totally okay they know where the real life me is, and that it is me who owns this specific phone, as long as they have no clue what I am using my phone for or are doing on it.

The most important in most threat models is to have multiple separate identities and keep their activities totally isolated from each other. So real life me and what devices I own and where I am is still the real life me. But ryrona is someone else, some random GrapheneOS community member. Totally okay people know what ryrona writes on the internet. But there must not be any ties between the real me and ryrona. I have more identities than this though.