From what I've read, the current theory is that access is initially possible using the cellular modem. Building and running a custom Android wouldn't necessarily help in that case, because the modem/baseband firmware is completely isolated and runs independently of the OS.
It seems like general camera/audio recording would need a secondary exploit.
Hm. I wonder how much work it would take to desolder the microphone and add a physical switch for it. Or maybe a magnetic reed switch in series with the microphone so I don't need to drill extra holes in the phone enclosure -- just hold a magnet up to the phone when I want to use the microphone.
It seems like general camera/audio recording would need a secondary exploit.
https://android.stackexchange.com/questions/219230/where-is-...