Not really. Cyanogen is OK, but it's just Android. The hardware problems are still there: i) no drivers so GNU/Linux can't be ported ii) the baseband processor is usually badly isolated so it's easy to attack the device.

Best practice here is using a WiFi-only device with a separate cell modem. So you have hardware baseband isolation. See <https://blog.torproject.org/blog/mission-impossible-hardenin....

Then you run into problems with WiFi such as it broadcasting all your preferred networks/tracking, and the sad state of proprietary WiFi drivers.

Blackphone uses Kismet WiFi Manager to prevent MAC broadcasting and other issues https://play.google.com/store/apps/details?id=net.kismetwire...

That's true. But at least it's legal to spoof MAC.

working link: https://blog.torproject.org/blog/mission-impossible-hardenin...

My 2nd ever comment on HN asked them to fix this. Still broken, almost 3 years later :)

https://news.ycombinator.com/item?id=4112327

Thanks. Didn't check. Will from now on.

The <> format has worked before for me here. ???

If you can port Cyanogenmod, then don't you have a functioning Linux kernel that you can use to run any Linux based OS?

You do, this is Ubuntu Mobile strategy at the moment AFAIK.

However, drivers in ARM platforms are very opaque. You rely upon the goodwill of the manufacturer to update them, and most of the time they don't. See how most devices get unsupported in Cyanogenmod after a while.

And in any case, all the privacy concerns remain. It's a hardware issue. Android would be fine.

Not unless you use a popular phone model since each phone needs to be individually ported. I just bought a Mi Note (http://s1.mi.com/m/product/minote/index.html) and am out of luck.

For now you can install arbitrary custom Android builds on a few commercial devices until all the device bootloaders have Trusted Execution Environment (TEE) signing schemes preventing any user changes. Mobile devices are becoming increasingly more tightly sealed blackboxes not more open.