The Privacy community on Reddit, and here on PG seems to agree that iOS is better than Android in terms of privacy and security. However, I could not find any details on exactly what makes iOS more secure or private compared to Android, apart from it utilising more reliable “Face ID” technology.
In fact, from my superficial look and understanding of computers, this does not seem to be the case, the other day (literally) I switched from being a life long iOS user to an Android user. Android appears to give you more options regarding disabling applications, services and editing their permissions. So what really is the case?
I also really want to switch to Graphene as I have discussed before extensively, but a number of safety features, namely car crash detection, safety check + location sharing, crisis alerts, and practicality and security features such as Google Pay, the song finder, find my device, are making me hesitant, as well as features that I do not even know that GOS does not have. This leads me to ask, do any of you know of any great Android hardening guides, or do you have any tips? This also leads back to the original question in the title.
Sorry, could you clarify what you mean by this? Also, I need to clarify that by Android I mean the stock OS that comes installed on Google Pixel phones.
Again, at a glance this does not appear to be the case:
This is exactly the advice I was looking for. While most of this advice seems to be common sense, I have some questions regarding the reasoning behind some of the advice, firstly, isn’t DoH the golden standard according to PG? I am using AdGuard for Android, and I am asking because, I have no technical knowledge regarding computers. I am simply following PG’s advice. I was not aware that VPNs could do DNS-based content filtering, as an example, I thought you had to use Mullvad VPN alongside Mullvad DNS. What are the implications of disabling Bluetooth and Wi-Fi scanning, i.e., what is the point of doing this, and how will it affect the device?
Not sure what AdGuard actually does apart from encrypting my DNS requests, it also seems to have a firewall option, so maybe it can block Google’s connections. When I visit a HTTPS site my activity is encrypted anyway I presume, not sure if it is E2EE though. I forgot to mention I bought an AdGuard subscription.
I will experiment with disabling Google’s apps (they apparently can’t be deleted), ideally trying not to break anything.
This is exactly what I mean, it’s a bit vague with how a hardened stock Android compares to GOS or iOS. PG mention in their Android guide that the Google apps require invasive integrations, but they do not mention what is meant by this exactly, and to what level hardening the stock Android OS addresses this, for example I assume, Google Play Services can be disabled.
By this do you simply or colloquially mean turning off Wi-Fi and Bluetooth? I recall PG providing a good explanation for their reasoning for this, but I forgot where that is.
You should disable Wi-Fi and Bluetooth while not in use, yes. But Wi-Fi scanning and Bluetooth scanning are different options that work even with Bluetooth and Wi-Fi disabled.
I would recommend getting rid of the AdGuard app and specifying this server, dns.adguard-dns.com, in Settings - Network and internet - Private DNS.
The configuration depends on the OS, for example on iOS you would have to generate a configuration profile where you could pick between DoH, DoT, etc.