Could it be that the processor sends data from the camera/microphone to the Qualcomm/Mediatek servers, bypassing the system? Is it possible to find out about this by checking the traffic leaving the device? Are there any studies that have done this? If this happens, then even GrapheneOS becomes mostly meaningless.
I think it would be way easier get data from preinstalled apps. It wouldn’t make any sense to bug devices at a hardware level as that would involve a ton of work for a small minority of people who use custom Roms.
I am a little concerned about cell towers getting my location all the the time but that isn’t the same thing as a hardware backdoor.
In general I think the same. Too difficult to implement and easy to detect. I wonder if there are studies on this topic)