Let’s say one of them isn’t particularly privacy friendly (stock Android, but with many privacy alternative apps installed), but the other is a Google Pixel from a few years ago with GrapheneOS installed.
Let’s also say the bulk of the use (and eSIM) will be with the Pixel and the other phone will only be used for downloading some apps only available on stock Android and things GrapheneOS doesn’t currently have an alternative for.
Would it be pointless having both phones because I’d still have the stock Android and my data (and life) would still be very vulnerable to corporations and third parties just for keeping that phone turned on?
The privacy benefit is app segmentation - apps on different devices wont be able to collude. Id recommend using a VPN (or Orbot) on one or both devices, such that the IP cant be used to correlate your identity between devices.
Of course, this can also be achieved on GOS with different user profiles, but for necessary apps that insist on Play Integrity, a secondary phone is a fair compromise
Your particular threat model will play into it as well. Data on the stock android device will be less secure at rest than the GOS device. If there is any risk of an adversary attempting to confiscate or penetrate the phone, you may want to reevaluate saving sensitive data on the stock android device
It could be actually beneficial for your privacy in principal depending upon how well you compartmentalise things.
On your googled device , you could still use a pseudonym for google account and store only the data which is necessary. You could put it in airplane mode when not needed.
But i see the bigger problem of managing 2 phones on daily basis. I feel many of us would just get exhausted of it and start mixing up the 2 for convenience.
So even if you start of with a solid plan it might not ve very practical. I used to do something similar and ended up just using 1 account for everything.
I would suggest to rather keep things simple.
A second user profile may help.
This can actually be beneficial for privacy if done correctly. I have one stock Android device which is an older phone I don’t use anymore. I use this for any apps that aren’t privacy respecting and any apps that require Google play services. This phone lives at home turned off inside a Faraday bag. My GOS phone will never get any apps that aren’t trusted open source apps, not even in a secondary profile. This is how I deal with the apps I “need" to have like banking apps. This is beneficial for privacy. If you need utmost security, do everything on your Pixel (or on two separate GOS Pixels).
I also have a stock Android phone for the same reason, but I have been using it less compared to GrapheneOS with multiple profiles, with GPlay Services enabled on certain profiles. It does feel like carrying multiple phones at the same time.
I’ve sort of been wondering this myself. Thanks for asking this.
Prior to getting a Pixel phone and putting GrapheneOS on it, I used an iPhone. I still have it and use it minimally, mostly for iMessage and voice calls with people that I can’t get to switch to Signal. Usually I have my iPhone forward these to my Graphene phone (BlueBubbles for iMessage, forward calls to VoIP), but I need the iPhone to keep iMessage. These communications aren’t private anyway, so it seems like it doesn’t hurt the situation any further to use an iPhone for them.
Since I already have a “real” phone number on my iPhone, this lets me use a data-only eSim through silent.link on my Graphene phone, which is much cheaper and hopefully keeps it more anonymous. Having an iPhone also lets me maintain a MySudo account, which I use from my Graphene phone.
I’m curious what others in the community think of this approach.
As someone who has both a GOS Pixel and an iPhone, I don’t think it’s pointless, it really depends on your usage of course. It does very much help with segmentation of data and apps.
I have both an iPhone and a Pixel, for 2 different purposes and I can tell you, yes it can make sense to have for privacy and security, just depends on what purposes of each
Does it make any/much of a difference if you put minimal data on the stock Android phone and use a new Google account that you use for no other purpose than because it’s required in the setup of the phone and to install any apps on it?
I do have a VPN on all my devices, so I do take precautions and I don’t have social media apps (and also deleted anything using Canta/Shizuku related to Meta or Facebook, as well as several Google apps which had the “recommended” label ie not system apps or needing expert knowledge) and try to do as much as I can in Brave browser in particular.
But I do have the usual preinstalled stuff, so I don’t expect it to be anywhere near as private as GOS, but I hope using the stock Android minimally could still be okay? Do these phones typically record conversations and stuff like that even when not using the phone?