The Road to Privacy: Securing your smartphone

Today, most people carry their smartphone whereever they go. Smartphones are a great tool, as they can be used for much more than just calling. Today, we have smartphones with higher specs than old laptops, which also implies that now they're at bigger risk at getting compromised by hackers. There are many steps one can take to secure their smartphone, and some of these steps will ruin all the fun about smartphones. As years have passed, I've been experimenting with my Sony xPeria Z, where I like to think I've found a middleway between fun and privacy. Some of the steps I took are very different, than the steps needed for other phones, but as it goes:

1. Unlock bootloader
2. Install Cyanogenmod
3. Install Google Apps
4. Encrypt phone
5. Install xPosed
6. Install various xPosed modules and apps for privacy
7. Use modules and apps for privacy to limit all apps

Cyanogenmod comes with some privacy tools, which some would find just fine and enough.
I will not cover how you install cyanogenmod with gapps on your phone, as it's different from phone to phone. Installing xPosed and various powerful modules only requires root though, and it's simple to install.

Download xPosed from its website, and simply follow the instructions.
After installing, head to the download page and download following modules:

1. xPrivacy
   A powerful tool with which you can limit the access to personal information for apps.

2. Bootmanager
   A module that lets you find and disable apps which starts with the phone.

Configuring xPrivacy can take some time, and I suggest searching the forums to figure out what's ideal for you. I set everything to "ask for permission" which means that whenever an app asks for permission to access some information, I'll have to either Accept or Deny. This way is rather annoying in the beginning, but I got used to it, and now it's just natural for me to think: "A flashlight app asks for permission to see my location, that's completely unecessary for its function, deny."
The bootmanager doesn't have much influence on privacy if xPrivacy is installed correctly, but it's a nice tool which allows a fast startup by limiting which apps starts when the phone starts.

Now, my phone, with this setup, isn't safe. I wouldn't rely my life on it, not even while running a VPN and using encrypted IM's. For a phone to be as safe as can be, you need to hardware disable front and rear camera, microphone and GPS. By then, you've lost a lot of the functions which make smartphones fun and practical. With this setup, you can connect to wifi, and have encrypted sessions with whoever, and mostly only do small tasks, which is the safest. Such phones has been available on the market, and there's probably still some available, if you don't think you're up for the task.