Serious Security Question: Network locked smartphones?

Good morning,

This is something I’ve been struggling to figure out for a long time.

I’ve been using a network locked phone for about a year and it seems to receive Android OS updates from ZTE but the updates are rare. It looks like it’s running a custom made version of Android OS.

Here’s a list of the official specifications list for the phone I’ve been using for over a year: Optus X Start 3 - ZTE AUSTRALIA

I know that by buying any of these network locked phones I’d be unable to change my phone network provider but I’m not worried about that. I’m worried that my phone will be less secure and less protective of user privacy.

I try to follow the PrivacyGuides ethos and install the bare minimum amount of Apps and only use my smartphone for calls and SMS messages. It just seems that I’m needing to use my phone more and more so user security is important to me… :cry: :cry:

I’m happy to pay extra to buy something from Samsung or another major brand if it’ll make my personal user data secure and private.

Other than being locked to a particular phone network do these phones bring any security risks? Am I sacrificing any of my personal user data or phone security by buying a network locked phone?

Is it possible these “network locked” phones are actually MORE secure than a phone bought outright from Samsung or Google?

Thank you for reading my question!

You are mixing up several things here that are not necessarily related. Network locked is just that - you can’t change the network.
The real problem is that you are not getting monthly security updates from ZTE (or from your network provider in case they are doing them) and there is not really anything you can do about that.

If you want/need more security/privacy you’ll have to consider that beforehand when you buy your next phone and e.g. acquire a Google Pixel (and install GOS) or an iPhone.

And no, network locked phones are not more secure. They are usually just cheap phones that get minimal support once they’re sold and that’s a very bad thing for security.

7 Likes

I appreciate your reply!

By the way, here’s another “network locked phone” from another provider with specs at the bottom. Does this have any advantages?

I’m definitely only going to be forced to use my phone more and more and that means installing Apps with my most personal information. I’m trying to restrict my phone to SMS/phone calls but I’ll be forced to install more Apps to do basic tasks so I need to make sure the phone brand I choose has secure hardware and keeps updating the OS with security updates and keeps my personal user data secure and private.

I’ve looked at Apple’s devices but they’re just too expensive for me so Android OS is my only real option!

I’m gonna have to say no. The only brands that are really pushing updates frequently (monthly) are Google with their Pixel line, Samsung and iPhone on the “other side” and a handful of smaller brands (I think the Nothing brand has a relatively good reputation).
Make sure to look up the End-of-Life date for the phone you are buying so you know for how long you will get updates.

Consider buying a used, unlocked premium phone of one of those brands that’s 3-4 years old if money is an issue.

4 Likes

To add to this, based on Optus and Telstra being linked I assume the OP in Australia. I would strongly recommend checking out Ozbargain and keeping an eye out for pixel 7a deals in the near future (Telstra actually sometimes has decent deals for existing customers[1]), or checking out gumtree for refurb pixel 6a/7a phones – I’ve had pretty good luck finding deals on those in the past


  1. This deal was very solid for the time (back in August last year), it’s plausible they’d have even better deals soon with the 8a on the horizon ↩︎

3 Likes

I appreciate your replies!

A pre-owned phone seems disgusting to me? No offense, but I’d much prefer to buy a new phone for health reasons!

From my research it seems like Samsung and Google have the best policies regarding long term security updates.

Would I be okay buying a Samsung or Google phone from a “network provider” like this one: Buy the Business Samsung Galaxy A15 - Telstra

Or am I safer to buy a Samsung or Google phone from the official Samsung and Google websites at:
**Smartphones | Buy Unlocked Mobile Phones | Samsung AU **

https://store.google.com/category/phones?hl=en-GB

It’s usually better to buy an unlocked phone from the manufacturer.
Some networks mess with the updates with their locked phones, i.e. they hold them back to add proprietary network-related stuff to them.

2 Likes

Any reputable refurbishing place will clean the phones pretty damn well, what health reasons are you concerned about in particular?

3 Likes

Hello fellow OZB user. But yes, that is a good place to see deals particularly at major retailers when they try to get rid of old stock on new release.

2 Likes

I appreciate your reply!

Would I be the most safe if I purchased a new phone directly from the Samsung website then?

Or better yet a Pixel so you can run GrapheneOS on it.

Samsung third party OS support is spotty, and they do quite a lot of privacy invasive stuff across a lot of their products, smart tvs etc. About the only Samsung product I will still buy is SSDs, RAM.

Network locked phones are never a good deal and generally are there to get you to buy bigger data plans you might not use, by enticing you with the handset. You can get 15% discount codes for Google Play from various student related programs. (If you know any students who will give you a code.)

2 Likes

I appreciate your reply!

Ok so I’m going to stay well away from any type of “Network locked phone”.

I have 2 questions I haven’t been able to find any answers to on the Internet:

I’m not going to be using any mobile internet from a provider and I’ll exclusively use my home wifi network for internet access to keep my phone as secure as possible.

Question 1:
However, does it matter which phone network provider that I use to make all of my phone calls and SMS messages in terms of security? Is it possible for one phone network provider to leak my SMS messages for example?

Question 2:
Does it really matter which hardware brand I use between Samsung, Google, Nokia etc since I’ll be using the Android OS???

Not the person you replied to, but I can answer.

No. All SMS/MMS and phone calls are unencrypted. They can see you SMS/MMS messages and so can others like police by requesting it or hackers if they breach whatever probably abysmal security telcos have.

Yes. Hardware makes the software secure. Google has really good hardware security. Second best is probably Samsung. Both would be better than Nokia. Not to mention that both Samsung and Google provide 7 years of software updates for their latest phones, while I assume Nokia probably only does 3 years. The competition is really only between Pixel and iPhone. Samsung may be more popular than the Pixel, but security isn’t one of their strong points.

Pixel or iPhone are the only phones I can recommend. It was Samsung that shipped 100 million phones with shattered encryption.

4 Likes

I appreciate your reply!

Wow, 7 years of software updates is a really long time.

This link seems to cover a lot of the information that the community on PrivateGuides would appreciate: Phone update policies from every major company - Android Authority

I’m reading it now.

1 Like

If hardware is important to you Pixels are superior in terms of their cost-effectiveness, only behind Chinese brands, according to DXOMARK’s tests for camera quality, screen quality, battery life amongst other things. However, I do understand there are thousands of other metrics.

Samsung’s (or any other non-Goggle android phones) aren’t recommend by PG, for reasons they list in the knowledge base.

I don’t think you can even justify buying a phone that is not a Pixel, it is the best all around phone in terms of hardware and software, apart from Chinese phones which are the best in terms of hardware (on paper), I don’t know about their durability though.

1 Like

…and the environment.

I appreciate your reply!

I understand that Google phones are the best Android phones to buy, but it just feels unsafe to be using hardware and software that are made by the same company??? You’re just putting so much trust into Google???

I used a Huawei phone for a few years and it was very solid in terms of performance and durability. I thought Huawei might be another option, but then I looked at the Huawei model for $299 and it’s running Android OS 8.1:

I thought I was mis-reading things but multiiple websites say the same Android OS version.

1 Like

This is a common concern and is understandable. But the thing you need to understand is that Google Pixels actually allow more freedom to deGoogle your phone.

What I mean is, Google allows hassle-free bootloader unlocking so that you don’t need to wait for 30 days to unlock (like with Xiaomi) or have to ask for a code from the manufacturer that voids your warranty (like with Motorola). You simply go to Settings, enable developer options and flip a toggle on to allow OEM unlocking (that allows you to unlock the bootloader and install custom OSes).

There are also the only phones that are supported by GrapheneOS, the most hardened Android distribution. Various other privacy. The Pixels also receive firmware updates first.

It really makes no snese, yes, but that’s just how it is.

3 Likes

I appreciate your reply!

I’ll take a look at GrapheneOS again, but from the research I’ve already done it just seems like installing GrapheneOS and removing Android OS is too much work and will lead to App compatibility issues. :cry: :cry: :cry: :cry:

GrapheneOS (GOS) has great app compatibility, especially if you install their Sandboxed Google Play Services from GOS’ from their “Apps” app. This treats Google Play Services (GPS) as a regular app on Android. This means you can choose what parts of the phone you want GPS to access through the normal Android permissions that appear when an app requests access the device’s camera, microphone, contacts, photos, etc., instead of it having unrestricted access on Stock Android. The Google Play Store is also the officially recommended place to install apps from on GOS as that is the safest way. Flashing GOS is very easy if you use the WebUSB-Based installer. And arguably the best feature of GOS is the security enhancement you’ll get. There’s nothing more secure than the latest Pixel phone with GOS on it.

2 Likes