Trevor Best and Miguel Duque outline how to make smartphones more private and where to start

Trevor Best, a longtime privacy‑phone enthusiast, told an audience that making a smartphone private typically means replacing the device’s standard operating system with a privacy‑focused distribution such as GrapheneOS.

“GrapheneOS … is a heavily modified for security, version of Android that has security modifications, privacy modifications,” Best said, adding that such distributions remove much of the tracking that comes preinstalled on phones. He described both privacy (absence of tracking) and security (protection against hacks) as separate concerns and said GrapheneOS strengthens both.

Miguel Duque, a co‑presenter who said he is less technical, described buying a preloaded privacy device from the nonprofit Calyx Institute and said the packaged experience felt straightforward. “They mailed me the phone. I opened it out of the box,” Duque said, adding that he paid with cryptocurrency.

The presenters urged attendees to begin with threat modeling — defining who might target them and what that adversary seeks — before choosing specific tools. “Think about who your opponent is, how they’re attacking and what it is that they want out of you,” Best said, arguing that defenses differ for targeted surveillance versus broad data collection.

On app compatibility, presenters cautioned about tradeoffs. Best and Duque discussed MicroG, a reimplementation of Google Play services, which can improve app functionality on privacy OSes but reduces privacy. Duque said he still uses Google Maps or Waze for driving because unfamiliar navigation interfaces can be unsafe.

They recommended alternative app sources such as F‑Droid, an open‑source app repository, and Aurora Store, an alternative client that can connect to Google’s app database without a Google account. Best pointed attendees to IntelTechniques’ step‑by‑step PDF guides for building private devices and services, noting those guides are updated frequently and cost about $15.

During a brief Q&A, an audience member identified as Colin asked whether cameras and microphones are actually accessed in practice. “I have heard before that your camera and your mic can be listened to,” Colin said.

Best replied that mainstream social apps generally do not continuously listen to users’ microphones; instead, algorithms can often infer interests without constant audio monitoring. He added that malicious apps and documented state‑level spyware can and have activated cameras or microphones. “If you’re protecting from a crazy ex, maybe you don’t need to worry about your smartphone camera watching you continuously. If you’re that secret agent…yeah, you probably better worry about that,” Best said.

Best closed by offering hands‑on help: attendees with phones compatible with GrapheneOS or Kalix could have their devices wiped and the privacy OS installed at the event. The moderator then thanked the presenters and called a five‑minute break.