It is a widely known fact that phones are spying devices, but that doesn't mean that it has to be one if you follow this guide.
If you want a good phone get a linux phone
first thing i'd recommend checking is wether the phone is running a ROM that can be rooted, or if you can flash a open source AOSP fork (android open source project) such as LineageOS. You should prefer a phone that is rootable phone because you edit/mod/update/... things on the fly without relying on PC. Please make sure that unlocking the bootloader on the device you're buing isn't hard to unlock bootloader, otherwise you could end up like me with
List of things i'll talk about in the order i would do them with a freshly rooted phone:
First step in rooting you device is usually unlocking your bootloader, that is different for every manufacturer. Note that unlocking bootloader and flashing an ew rom both wipe your data, so make sure to backup before you do so. Also note that rioting your phone could fuck up internet banking and similar apps, sucks to suck.
For example xiaomi requires you to make a xiaomi account, with which you have to apply for developer. After few days your account usually gets developer, you hook up your phone to windows running PC, login into developer xiaomi app and finally unlock phone. This process can take up to few days and it's the only way (as far as i'm aware) to unlock bootloader.
After you unlock your bootloader you can flash the chosen ROM. I would recommend patching the OEM ROM with magisk or flashing LineageOS, because LineageOS can run ADB commands with root access (you have to flash the root addon)
Debloating your device is very easy. There are few things to note tough:
pm disable
only disables the app, but some of the threads can still run even if the app is disabled, better alternative is pm block
(which works even on old android versions 4.0)pm uninstall
will uninstall the package, this is not reversible so if you delete let's say webview factory reset won't fix it (it deletes the app from the ROM iso)pm uninstall -k --user 0 com.package
You can debloat with PC using ADB. With adb it's best to search on github for something like "debloat adb". ALWAYS make sure you check the package list before running the script as it can delete any app on your device
If you have a rooted phone you can use apps such as De-Bloater (magisk only), Package Manager or App Manager. You can also use some termux debloating script go figure it out.
Should I delete google play store/samsung apps/xiaomi marketplace/etc..? YES! Check out my soon to be madeTM gapps good? article
There are two ways to get apps. Aurora store and F-droid.
F-droid is a FOSS only marketplace that has lots of apps on the official repository and you can add more custom repositories (e.g. guardian project repository). I would recommend using Foxydroid over the official app, because it is way cleaner, faster and the official app has few bugs that are very annoying.
Aurora store is a private google play store frontend, that allows you to download apps without google account. You can also sign in and download apps you paid for on that account. It works without microG or google services.
General use of thumb: if you don't use it disable it. Make sure to disable WiFi and Bluetooth scanning. Go to about phone/info -> click "build number" until "developer mode enabled" toast shows up. Then go to developer settings and disable "auto update settings" and enable "WiFi enhanced randomization" and WiFi scan throttling
Magisk modules:
Xposed modules:
Ads bad, so let's fix it. how? easy! There are 2(+2927638) of apps designed to block ads. You can use only 1 app + ad blocking DNS if you are non-root and with root you can use all 3.
AdGuard: + best - proprietary
AdAway: + okayish + foss - okayish
If you are non-root I would recommend using adguard fr33 mod :D, if you are root you should use adguard in VPN with adaway in root mode. AdGuard setup guide
The android browser scene is in even shittier state than PC browsers. There are basically two (and half) options: firefox and all it's forks (Mull, Iceraven, Fennec F-droid, Tor browser,...), chromium (Bromite, Brave, Kiwi browser,...) and webview wrappers (privacy browser, opera, cookie browser, FOSS browser, DuckDuckGo privacy browser,...). Make no mistake - all of them are shit. The best ones I recommend are Privacy browser and Mull. Check out browser comparison list to pick your poison in a more educated manner.
AFWall+ (Android Firewall) is a gui app for the linux iptables firewall. It allows you to manage any connectiom to every app on your system including system apps. You can restrict the app's access to internet (fully or WiFi/data separately), roaming control, allowing the apps connection only trough VPN, Bluetooth/tethering control and more. It is one of the key apps to have a usable phone.
Filterbox is a notification manager, that allows you to dismiss, mute, postpone and replace notifications including system notifications. It can search and match notifications with regex or text search. This app allows you to dismiss annoying notification caused by other apps such as "the network doesn't have access to internet" notification caused by blocking the DNS requests to connectivitycheck.android.com
Icebox or it's FOSS alternative Island allows you to use pm block
without adb or terminal emulator. It is a GUI user-friendly app, that can completely block apps you "need" to have installed, but you don't want to let them run in background all the time, if used properly (freeze apps on device lock) it can lead to huge battery life increase.
It's a good app OK. Just install it, block it's internet access, push the apk trough itself, disabling internet access and then reinstall the modded version.
this guide is by no means finished ^^