I guess if we weren’t all a bit paranoid we‘d be looking at other phones :)
So…..
1. Normal Android phones will, when installing an alternative OS, delete all user data and will then go on to display a strongly worded warning on every start. (Some weak form of Anti-Evil-Maid.) Does VollaPhone do the same?
2. Are internal and external user data encrypted by default? If so, block-based or file-based + which algorithm and key length?
3. Does performing a factory reset securely delete all user data? (considering both the difficulties of reliably overwriting flash memory sectors AND the multitudes of mysterious partitions that Android-based phones usually come with…)
4. Many phones today have a separate chip to handle some of the aforementioned functions. (Think of the secure enclave, Titan M and the like.) Does VollaPhone have anything similar?
5. Does the fact that VollaOS is based on somewhat older versions of Android impact software security in any way?
5b. For how long do you intend to support your devices?
6. VollaPhone is NOT rooted by default, so a malicious app from an alternative app store should only cause limited damage, correct?
7. And finally: do any answers to the above questions depend on which OS runs on the phone? (VollaOS or Ubuntu)
THANK YOU very much in advance for answering some or all of these questions!