Best setup to augment privacy journey

newbie · January 22, 2025, 8:59pm

Hi everyone! Newbie here.

I recently switched to GrapheneOS on the latest Pixel, which feels like the most private phone setup possible. However, my broader tech setup feels far less private or secure in comparison. Previously, I used an iPhone, Apple Watch, iPad, and a laptop running Fedora. I now want to streamline my devices while maintaining a balance between privacy, security, and convenience.

After reading about the lack of robust permission management in desktop OSs, I’m considering a Pixel Tablet with GrapheneOS, an iPad, or a Mac. While Fedora on a laptop is strong from a privacy perspective, it lacks features like secure elements, protection against brute-forcing, and proper app permission management. Given that human error is often the weakest link, I’m trying to minimize risks.

Here are my thoughts on possible setups:
1. Pixel Tablet with GrapheneOS: Likely the best combination of privacy and security, but the current hardware is too limited for my needs.
2. iPad: A feature-rich, secure device with great permission controls. However, I’m concerned about reduced privacy, especially if data like location or files are accessible to Apple, even without relying on their services (e.g., iCloud).
3. MacBook: Offers more freedom (e.g., skip Apple ID, download apps) and better privacy than the iPad, but similar concerns about Apple’s access to location or usage data.

For now, I need a laptop or equivalent device for work, storing important files, and syncing with my GrapheneOS phone. While my phone remains secure, syncing could expose data on less secure devices.

I currently use an Apple Watch for fitness tracking and reminders (on airplane mode with GPS off), paired with an old iPhone left in a drawer. I will try to convert it to a standalone later on through a Family Setup.

Separately, I run a VPS for a home server (TrueNAS Scale) but am unsure how to make remote connections more private. I’m considering Tailscale but don’t want ISPs to track where traffic is routed.

Threat model:
• Generally focused on avoiding tracking, surveillance, and scams.
• I live in a totalitarian country with nonexistent human rights, so there’s a real risk of being detained arbitrarily. For this reason, I aim for plausible deniability and data security while maintaining convenience. Though, I’m not looking to go full nuclear (e.g., QubesOS)

Lastly, my concern about Apple has grown since they recently appointed a local representative to handle government cooperation in my country. Although Apple has ignored government requests in the past, I suspect this might change, potentially leading to invasive surveillance measures.

Any suggestions on how to optimize my setup for privacy, security, and convenience?

Parish2555 · January 22, 2025, 9:08pm

The one piece of info, to me, that seems to be missing is what about your current setup is not meeting your threat model?

I would also caution you about aiming for plausible deniability. If there is a risk of arbitrary detainment your goal should be to minimize the amount of data you have on you that could cause you issues if you are detained.

newbie · January 22, 2025, 9:29pm

Yes, pretty much. What I’m doing right now is only a part of the equation. I try to approach my goal slowly to not crash).

For the plausible deniability, I only need to hide services that contain/have access to any private information they want (eg password manager, browser data, files, photos). I love gos for that since I can just put anything affecting my life if leaked in private space or profiles that I can delete in an instance. I also have a simple password for duress that is visible in the obvious place for them to enter. VPS via smth like iPad could probably achieve the same, but it would leave the connection traces behind.

I try to leave as much on the cloud as possible and only have files locally for something I’m expected to have.

Throwaway · January 23, 2025, 3:47am

Put TAILS on a USB stick. That’s a must have and simple to do.

brinerustle · January 23, 2025, 6:40am

Would using a USB dock with screen, keyboard, mouse, and external SSD be enough?

mangomango · January 23, 2025, 8:03am

Congrats for transitioning to GOS, that’s very great ! Now honestly you just got to choose between Pixel Tablet, iPad or MacBook.
I think that all three are good choices and that you just have to USE them well in relation to your threat model.
I personally use a Macbook alongside my smartphone (GOS).
Maybe you can check on GrapheneOS forum or official account the grid of Cellbrite hacking capabilities if this is of value to you.

WhinyHamletPayer · January 23, 2025, 1:16pm

Rather than contemplating which devices or the OSs to use consider compartmentalizing your usage. Designate your laptop/desktop for work and store only work related docs on them. For personal, use your GOS phone.

This simplifies your conundrum of finding a balance between privacy/security needs with the need to simply get work done. So if you have a MacBook then use it for work and only (or mostly) for work. You will need to create separate accounts for each device for this to work since the security of desktop OSs are less secure. For example, an account for a password manager on your laptop that only stores work related logins and a different account on your GOS phone to store personal logins.

newbie · January 23, 2025, 7:40pm

That might actually be a solution once they upgrade the lineup. Current generation is just bad in general: bad efficiency, battery, performance, etc. I will buy it with the new release and GOS’s Linux desktop mode support.

newbie · January 23, 2025, 9:32pm

Thank you! I have some questions about your experience with Mac.
How usable is MacBook without an AppleID?

Is permission management the same for apps downloaded outside of AppStore and is there a gui to disable network access for apps/services? What apps do you use that sync with gos?

Do apps remember the profile they were installed in and how strong is device fingerprinting?

Also does the VPN leak the same way as on iPhones?
Sorry for overwhelming with questions))

It might actually be a good choice with their battery life. Though, I would probably sacrifice the ability to run smth like tails.

newbie · January 23, 2025, 9:35pm

I tried it out but got a bit confused with the persistent storage. Is there a way to deliberately state what to save (eg I want some files to be saved and some to be temporary. It would also be cool if I can save apps there but delete app data upon exit)

Throwaway · January 23, 2025, 10:26pm

Not sure. Nothing I do is important enough to justify turning on persistent storage.

TheDoc · January 27, 2025, 11:39pm

Yes, the only folders that save files with persistence are the Persistent folder and the Tor Browser (Persistent) folder. You should mainly use the Persistent folder, the Tor Browser and Tor Browser (Persistent) folders are accessible to the Tor Browser, allowing you to download or upload files through the Tor Browser.

You probably already know this but in case you didn’t, this is likely only an issue if you expect an adversary to swipe your laptop while it is decrypted and in use. The full-disk encryption should be secure before it is decrypted/while powered off. It might be more vulnerable to physical tampering, but depending on how far your adversary is willing to go, no device can fully protect you from that.

But yes, if that sort of physical attack is a concern, a Mac or iPad is better. A GrapheneOS Pixel Tablet is an option but the firmware/driver security update life span will be shorter than a brand new Mac or iPad. GrapheneOS should continue to provide OS security updates for a lot longer but since you’ve expressed concern with physical attacks, having up-to-date firmware and drivers might be important to you.