In case you use OpenPGP on a smartphone ...

[Felix]

Just adding my 2 cents to this discussion.

I think it doesn't matter what sort of spyware potentially exists
somewhere out there for some phone, what matters is whether it is on
your phone.

This isn't really about the security of OpenPGP either but about a
fundamental trust in the things we use both hardware and software.

I can recommend this video from 36C3 that talks about hardware security
(spoilers: its absolutely non trivial and nigh impossible to verify):

https://www.youtube.com/watch?v=Hzb37RyagCQ

It's also about threat models that you as the user of software (that you
trust does its job correctly) are trying to protect against.

If an attacker having root access to your device is part of a threat you
want to defend against your only choice is to use a (hopefully) known
good device that performs the encryption/decryption for you.

If you are only interested in end to end encryption where the message
might be intercepted in transit or verification of signatures then
OpenPGP does its job pretty damn well still.

There is not a single encryption algorithm that can't be defeated by
simply having full access to the device it is running on.

Now we can talk about mitigations that exist for the threat model where
the device you are using to read/send messages is compromised and I
think the recommendations in this thread are pretty sound.

I personally have been using OpenKeychain and a Yubikey via NFC. That
means that while any message that I have decrypted might be compromised
the keys used to decrypt are still secure (under the assumption that
Yubikeys are as secure as advertised, see the video above).

For me this is secure enough. For you it might not be.

I think that in general users of software should be aware that the
environment their software is running in is a threat vector, if you do
not trust it or you only trust it so far then only keep information you
can afford to get compromised in it.

If you are a person under close government watch, live in an
authoritarian regime or are a dissident I would of course recommend to
use an airgapped device.

If you are working for a company with important trade secrets you
hopefully don't have access to those on your phone anyway.

If you are a normal person not defending against any sort of advanced
persistent threat I think a smartphone still offers decent (enough)
security in day to day use for non-sensitive information.

And then there is of course still:

https://xkcd.com/538/

In the end it all comes down to: How much effort is the attacker going
to spend on you?

That determines how much effort you need to spend to protect yourself
against them.