I have been using Android for 15 years and custom roms for most of that time. I rocked CalyxOS for awhile and have been on GrapheneOS for the past two years. While it is fantastic, Google is making it increasingly more difficult for an average user to use it.
Things like Play Integrity are starting to seep into more in more apps. AOSP is frankly just buggier and less performant than Pixel Android. Visual voicemail straight up doesn’t work on Tmobile.
With these things in mind, I am considering leaving the custom OS world behind. If I decide to go that route, Is iPhone a better option than a stock Pixel?
Id go for an iPhone but Apple would rather go for “cheap” servers in HK rather than in my home country.
It shouldnt be an issue but Apple bends over backwards to comply with its government demands. Apple does not protect its users equally in all countries.
@HiHowAreYa I think you should start to consider more private apps that does not rely on Google Play Store but I guess banking/finance apps could pose an issue.
A good solution is to just use 2 phones. One for your banking apps that stays turned off at home and is only turned on while the person is doing banking stuff. That phone could just use wifi and no sim thus limiting even more the attack surface. The rest of the time use your main degoogled phone.
Try logging in to your bank’s mobile web site and see what you can do. One of my bank apparently full featured services that look great on the small screen. I think I can even snap back and front of checks for deposit - just haven’t tested it yet.
My bank’s apps might not be on my phone long if this works.
I have been thinking of a set up for mobile phones, here is what I have currently, please let me know if you have any room for improvement.
Communications phone: Signal, SimpleX, Protonmail, VPN of choice, etc. Only privacy based apps. This phone could run GrapheneOS. This ideally has a prepaid cash sim card.
Media phone: Music apps, maybe some social media. This phone mainly stays at home, but if you bring it in public it has WiFi shut off completely - music is played in offline mode. There is no sim card since this doesn’t need cell service.
This phone could be any operating system (maybe the cheapest brand possible).
Banking and government phone: Banking apps, separate email for government services, utilities, insurance, etc. This phone stays home always, has sim card. Basically the phone number that non-private services have will not be linked with your physical movements at all. This phone stays turned off when not in use.
Burner phone: For calling non-trusted contacts to avoid giving any phone numbers away, can rotate sims on this and use a cheap flip phone. Stored off when not in use. Can be used for booking hotels, or trips, then rotate sim cards once trip is over.
Maybe you could use an old laptop with linux instead of stock phone? That would be much better.
Same thing here. Why do you need a phone? Can’t you access these services on your computer on a dedicated browser? I would only dedicate a phone if i need the banking app. All the utilities, insurance etc goes through the web browser.
I think your setup is overlycomplex. You will get eventually in privacy fatigue. You should simplify with fewer devices. You should decide what are you really achieving with your measures? For example are you on the run or you just need normal privacy from internet connected devices? Sure it would be great if you could call every person with a different phone number, that would be super secure but it is not practical in the long run.
Even on non-custom Android OSes, there is still things you can do such as use alternative app-stores far easier, or use other web browser engines easier. You can choose to not sign in with a Google account and then download apps from Aurora instead of the Play Store.
Well I am saying that this is an option that is available. iOS doesn’t allow you to install any third party apps without an Apple account whatsoever, unlike Android.
It’s definitely possible to disabled Play Services! But some other apps also need to be reinstalled, for example Whatsapp and Signal check when they’re installed whether Play Services are present - if yes they use them for push notifications, if no they use their own independent implementation. But they only check once at the beginning, so if you disable Play Services later you should reinstall them to get push notifications
I want to listen to music in the car, hence the media phone instead of a laptop. Maybe an offline media player that is not a phone?
I need a separate phone number for government services. Part of my threat model includes cell tower tracking, and my physical movement. But this point is great, I could use a VOIP number to register with these services.
My threat model is strict. Failure could be catastrophic for me resulting in death, financial ruin, legal problems, kidnapping, etc.