Got my Pixel6a recently and in line with the instructions I've updated the stock ROM to the latest security updates and then Android 13 (whatever the latest was as of 9 November 2022). I've then factory reset it and enabled Developer mode with "Quick Settings Developer Tiles" per here https://www.howtogeek.com/691619/how-to-turn-off-all-your-android-phones-sensors-in-one-tap/. I did this because I'm likely to be installing the OS in an environment where attackers are specifically looking to target my device as they've done with all my previous devices, and so given my experience with IOS where even a totally up to date iPhone SE III with Wifi and bluetooth disabled they still got full remote access, I want to avoid any repeat with this Pixel before it gets Graphene installed.
Question: Will having the sensors disabled using this "Quick Settings Developer Tiles - Sensors Off" enabled in any way interfere with the Graphene web installer?

    How would an attacker get access to your phone via the built-in sensors? If I understand it correctly, some of the sensors include ambient light, accelerometer, fingerprint, GPS, gyroscope, infrared, proximity, and maybe others. How would a hacker break into a phone with these sensors?

    I note that in the instructions provided above, it does not disable Cell or WiFi antennas; I assume it doesn't disable Bluetooth nor NFC antennas, either. Now those are ways your phone can be reached remotely. With WiFi scanning, an attempt to access your phone's wireless MAC address would reveal information about the chipset; same would be true for cell phone, which could reveal the IMEI.

    As I learned a long time ago in security, the safest device is one that is never connected to any network. The question then is how to protect a network-attached device, be it WiFi, LAN, WAN, or other.

    Check out Rob Braxman on YouTube, who is very interested in Internet privacy, security, and privacy and security on cell phones.

      TinFoilHat

      If you want to make sure you have a valid version of GrapheneOS after installation, check out https://grapheneos.org/install/web#verifying-installation.

      By the way, verifying your OS hasn't been tampered with using the Auditor app is a great way to know you're safe. Apps are sandboxed and can't obtain permissions they can't have to take over your phone.

      The installation is done while the phone is in in Fastboot, not the regular OS. Having sensors on or off won't make any difference.

      We don't advise leaving Developer Options active post install or messing with them either. We can only support devices properly when they are left as the devs intended. You do not need to use that tile to turn sensors off which can impact system apps, you can however make use of the per app sensors toggle. After installing each app before first use open the App Info pane and remove Sensors or download all your apps on setup then go straight to Permission Manager under Privacy and select Sensors to go through the list and remove it from your user installed apps.

      dcd-graphenediscuss I was interested in this "sensors off" function to disable the bluetooth and NFC more than anything else.

      The SIM card will be from a different telco than I normally use, but will use the same phone number that would almost certainly be known by my attackers.

      I'm aware of SS7 attacks based on phone numbers and IMEI's but I don't believe this is the threat vector I'm dealing with, so that's why I'm keeping the same number. I also think it will afford me a smoother migration in case I need to install Signal or WhatsApp on the Pixel which are phone number based accounts.

      Is there any other kind of attack I should be aware of that's based on knowing the targets phone number?, and if there is I'm guessing GrapheneOS's various security mitigations will prevent it? Would it be wise still for me to get a new phone number?

        TinFoilHat I have removed the latter part of your post, we do not have aversion to people making claims so long as they are backed by sources and ensure this community resource doesn't push misinformation. I have also closed your other thread as it was following a similar pattern to this one, just with a different hypothetical question. Please refrain from creating any more in the same vain as I will consider it spam and you risk being suspended.

        Regards the NFC and Bluetooth as well as the cellular radio/airplane mode, all standard toggles deactivate them at the hardware level.

        In regards the phone number attack you were concerned with SIM swapping would probably be the most direct and well known. As advised in your other thread, upon restoring your accounts with the existing number, it would be advisable for you to change your number for the SIM and the accounts too.

        If you wish to ask further questions please contain them here and provide evidence/citations/sources for any claims so that they may be addressed properly.

        Other than that I hope you have a pleasant start to your journey as a user and find GrapheneOS to your liking.

        Take care.