I would like to buy one of these phones with the intent of installing ASOP or lineageOS. I don't mind maintaining the kernel branch myself and backporting fixes. I understand that there are proprietary blobs that run in userspace but I would trust these as I would get them from Snapdragon's official BSP website: codeaurora. I would remove anything that isn't necessary.
Since I am very nice in this field, I had a few questions:
1. Is it possible for Xiamoi to place a hardware backdoor? Or would this be near impossible to do at a large scale especially when using an American SoC?
2. I notice that the firmware for various chips are loaded from the Android image on boot. I assume this is because it's cheaper and allows firmware to be updated. Are there any components in a normal phone where the firmware in some read only flash? This would mean flashing a new ROM/OS would not remove this firmware.
Please note, I am looking for reasonable security. I am not a target in any way so it's unlikely I would be targeted specifically. I just don't like the idea of backdoors and/or malware calling home.
No such phone anywhere in the world. Mind you, not all calling home is nefarious. Unless you call keeping tabs on your spending nefarious. Google makes you a product so that it can make money off your advertising and spending data. Apple is no different.
And if you're connected to the US phone system, you're being watched by the NSA.
If you want some small measure of privacy, I believe that public payphones are probably still out there somewhere.
Oh and by the way, Apple iPhones are Chinese phones. They just have a misleading 'Apple' label stuck on them.
(The fastboot screen on that phone has a wee little bear wearing a People's Liberation Army hat. Take from that what you will.)