I am writing this from a pixel 7 pro with an esim network and cell connection. Unfortunately I got into privacy slowly and as I learned more I see more mistakes I made previously. I want to feel as invulnerable to attacks as physically possible and I've made some errors along the way.
I DO have a reason to believe I am an individual who may be subject to state level monitoring and therefore I am trying to fix as many leaks that I've created as possible.
So for example, I have the aforementioned esim which is tied to an account with my real name. The networking performed via the esim is ran thru a mullvad always-on-vpn, but from what I understand there are IP leaks that happen on boot which is unfortunate. I am wondering if ever registering this phones ability to connect to cell towers was a grave mistake.
I have made efforts to mitigate 1-click vulnerabilities by disabling MMS auto downloading and disabling MMS capabilities for group messages. I currently have only a few proprietary apps installed, discord as an example, and some games.
Another potentially grave error, I have been using Google play services on my main user profile.
At this point, is a complete wipe and reflash of the operating system my best bet? If so, what are some good alternatives to having a sim card besides using WiFi? And should Google play be an absolute no go even on separate profiles? Do you guys think I've already messed up too bad to recover? Let me know in the comments, any advice will be greatly appreciated. I will also gladly elaborate more if asked. Thank you