stupid_asshole69 [none/use name]

Probably the best way is to unplug it from the charger and remove the battery.

You can’t effectively use the device while it’s not vulnerable to attack.

What kind of eavesdropping are you worried about? I ask because concern over advertising is different than concern about laser listening (a technology that was available to me in kit form as a middle school student many years ago).

It’s not reasonable to ask how to avoid all eavesdropping because without any context you quickly start wondering if you could recover from being rendered and detained for the maximum legal duration in your jurisdiction.

Look into the t-series thinkpads. T480 is the meme one, but many newer models are very inexpensive and modular. I don’t have dells, but people who do recommend the Inspiron or Vostro ones. They’re similarly cheap and repairable. There are business class hp laptops for cheap too.

For my needs these computers have been very useful and fast.

Often a whole parts unit (bad screen, no ram, no hd for example) of one of these laptops can be had for the price of a single replacement part from one of the smaller manufacturers.

Because they’re so common, new production third party replacement batteries are available and new old stock as well.

If you value environmentally friendly actions, using these machines is literally taking plastic out of the waste stream.

If you haven’t already bought something:

What do you have now?

I would generally recommend against chromebooks. They’re often aimed at the lowest end of the market and have esoteric processors and boot processes that will make you frustrated.

I would generally recommend against small laptop manufacturers like framework etc. because of parts availability. People will say that you can get parts from the manufacturer but for how long? People will say you can make the parts themselves because the design is open source but I have a board etching setup, hot air station and injection molding machine and I don’t do that.

Obviously if you just want to “vote with your dollars” the above doesn’t matter.

If you want to get a laptop that’s gonna run linux well and last a long time get a used business class machine. There will always be a huge market for parts and they have almost always had someone put the effort in to document getting their distro to work right on their work assigned computer.

The black sheep option is to get a mac. Parts are everywhere for cheap and every microsoldering and computer repair shop will work on them because so many people have them and want to get them fixed. Obviously do your research first, but asahi is coming along and you’ve always got a Unix system to fall back on if it isn’t working out.

You’re thinking about this wrong.

Instead of trying to pick the one that will handle a fail state best, you can more effectively assume a fail state and take steps to mitigate it. That is to say: implement key (in your case, password) rotation.

Just establish a trusted system, log in and change your passwords periodically.

You can even do rolling rotation where you only change a few each week.

If that doesn’t seem like the right choice to you, then consider this: you’re thinking about an unconfirmed or possibly even uninvestigated situation where your secrets have been compromised. The solution isn’t to find the secret handling software that deals with this situation in the best way possible, it’s to change secrets.

I don’t think you’re too paranoid, but it seems like this idea is kinda unexamined and needs to be bounced off someone else first:

Wrapping your phone up and putting it in a box won’t be nearly effective enough to prevent audio recording. If you want to try this yourself, start your voice recorder app, wrap up your phone and set it in the box, say some stuff at a normal volume then play it back. It’s been a while since I used that function on android, but a long time ago ios had variable gain automatically applied so in quiet situations (like being wrapped up in a box, or night time in the woods) recordings would contain the information you’re trying to capture.

If you do this (or have already done it), and feel like it’s good enough for your needs, export the audio to a program like audacity and run some of the voice filters there on it. Even in situations where your voice is, to human ears, completely covered up in background and room tone often these free, open source tools can automatically pull them up out of the noise floor.

Imagine what a professional using purpose built software is capable of.

But even if you had a perfect towel and box: your computer has a microphone and camera on it.

Now you might be able to comfortably disconnect both of those and only connect them when someone calls, but if you’re forwarding the data stream through the device you want to treat as compromised there is a good chance that your communication data will have to be decrypted on the device before retransmission.

But if somehow your preferred platform can maintain perfect forward secrecy while handing off between clients (it shouldn’t, because this is a feature used by surveillance organizations), going through voip is a security downgrade because the encryption used from your pots ata (the box that goes Ethernet to phone) to the pc running the pbx software is less strong than that used by your communication platform.

In addition, surfacing your communications to the whole network like this would do opens you up to attacks on your ata and the ones for soho that you’d use are incredibly insecure to the network they are on. They’re worse than those consumer routers you always see with internet facing management pages.

So the next logical step, assuming you have the aforementioned perfect towel and box, is to just use the native pc programs for the communications software you want to make and receive calls through.

Of course, theres nothing preventing your assigned agent from compromising your pc, and in some ways thats an easier job than with a phone.

So I want to ask this as a person who has been surveilled: what kind of eavesdropping are you trying to avoid?

If you scroll down to where this reply will end up:

Iphone is the right place to start. The parental controls are well thought out and have enough granularity for almost anyone and “find my” works great along with location sharing.

They have a bunch of built in privacy, mental health and use monitoring stuff so the person with the phone can use that themselves too.

It’s the most normal person phone there is so no chance they’ll be embarrassed or feel left out and because the platform is so common (assuming USA because “grades”) you’ll have an easy time coordinating with other parents and sharing how you’re dealing with stuff as they grow.

Good luck.