Previous posts such as New Burner Phone and Cell Phone Hotspots & Tethering have been about least cost options for compartmentalizing your phone usage. My default is to treat mobile devices like small, insecure computers with terrible keyboards that are best left powered down in a drawer in another room.

Minimal Qubes Laptop from yesterday is, remarkably enough, about what to do for a low cost laptop running Qubes. This is a dramatic step up in term of securing your operating environment and I’ve been considering what to do about phones for a while now. This is the current fleet - the iPhone is center left among the four newer devices that got proper cases, the bottom two are both eight years old, and I should probably just wipe and recycle them.

Two of the three newer Androids are now old enough they’re starting to have behavior problems and I was considering a $200 iPhone XR to replace one of them. But I’ve also been listening to Peter Zeihan and I understand how much exposure Apple has with their China based production.

The current iPhone is fine, it can continue to hang out with my Mac Air as a light weight travel combo, but if what’s next isn’t another iPhone, that leaves the door open to big changes.

What if the mobile solution of a $400 Dell Precision 7520 running Qubes were joined by a phone running GrapheneOS? What are the benefits of this OS over any of the carrier Android software? The recommended devices make this pretty easy.

8th generation Pixels also bring support for the incredibly powerful hardware memory tagging security feature as part of moving to new ARMv9 CPU cores. GrapheneOS uses hardware memory tagging by default to protect the base OS and known compatible user installed apps against exploitation, with the option to use it for all apps and opt-out on a case-by-case basis for the few incompatible with it.

This is similar in spirit to the sort of hardening Qubes offers, an advanced function of this latest generation of processor permits firm separation of processes. This makes the device much harder to compromise. But hold on to your wallet, because it’s gotta be a Pixel 8.

And there you have it. If you need to be secure while on the move it’s going to be a minimum of $850 to as much as $1200 if you want the added ram of a Precision 7520 and the mini-tablet form factor of the Pixel Pro.

I know I would use all of that 64GB of ram so the $400 Precision 7520 is a better choice than the $300 5520, but the $550 Pixel 8 will win out over the dramatically more expensive $800 Pixel 8 Pro.

I won’t actually do these things until someone is paying me to do them, but that seems very likely to happen in January.