I just wanted to ask for people’s opinions on both privacy and security relating specifically to mobile devices and the use of Apps v Browser.
As I take a further deep-dive and enhancing my own privacy and security, I do sometimes wonder whether it’s better to have fewer apps and login via a browser. Mainly due to data persistence, device caching and so on. I guess this is part of a physical threat model if the device got into the hands of bad actors.
I am thinking about banking, e-mails, AI/LLMs and so on. This may not be possible for all services, such as those that have automated device uploads, although you could make this a manual process. For example, Ente. I think I read somewhere that you cannot toggle on/off the thumbnail cache. You have to manually delete the cache! I understand why you have a cache here for smaller images, but for users who have a higher privacy threshold, this should have the ability to not load images until toggled on. I don’t think this is just Ente, it just surprised me given their marketing around privacy etc. I’ve seen @vishnukvmd comment in several places around the cryptography, audits and so on - which is great, but very little about physical security.
For me, Apps are designed for convenience. And what do we sacrifice convenience for?: PRIVACY. Every. Single. Time.
Whilst there are some insanely great developments in the world of privacy and security products - something I applaud loudly - there is a huge focus on e2ee zero knowledge. Also great! But I can’t help but feel there could be more done with these privacy-focussed apps relating to physical threat models. Taking the Ente example, above, if my device was in the hands of a bad actor, my device memory would include the cached thumbnails of images that have previously been loaded. Is it possible to prevent this, even if by a toggle that allows the user to not automatically load thumbnail images?
I think using a browser, wherever possible, may be better for privacy and physical threat models to avoid data lingering and discovery on a download.
