> It also is ineffective at blocking audio

If you turn your phone off and immediately put it in a Faraday bag, how would it receive a remote command to turn on and start recording audio?

That's implying that it is actually off and not just pretending to be off, and that it requires a command to start recording instead of just constantly recording and only uploading when commanded to

If we're assuming a well-funded and motivated attacker, surely any device is fair game for being modified to record you even when it's apparently off?

Of course this applies whether it appears to have a removable "battery" or not.

Far enough down the threat model rabbit hole the real solution is just ditch the phone if you're doing anything mildly antigovernment. That at least forces them to do a bit more work to spy on you.

That's always one of the big issues in opsec/security discussions, we can always imagine a more motivated or well funded attacker but the likelihood of those being deployed against you change with the difficulty of implementing those methods.