My name is Kevin, from Europe, and this is also my first post and question about my threat model.
I work in the IT sector but not that much regarding security/privacy topics.
I understand the difference between them but I’m not sure if my threat model is high enough to change iOS to Graphene.
My devices:
iPhone 16, bought last August with AppleCare till 2027
ADP enabled
AdGuard Pro and NextDNS installed on iPhone
Hardened with the guide on this website
Proton Mail, Pass, VPN, Auth.
Apple Watch 10 with AppleCare till November this year
iCloud+ subscription
shared photo albums and tasks with my wife.
Garmin Venu 3
Homeserver with Proxmox
Home Assistant
Immich installed, not yet in use
Nextcloud installed, not yet in use
AdGuard Home
Proxmox backup server
Tailscale
Work apps: OneDrive for Business 300Gb, Owncloud with 1Tb.
Google Pixel 7 pro with GrapheneOS in the drawer.
My threat model:
I don’t like the way the world is going.
Advertising, Trump with his big tech friends like Tim Apple :), Google etc.
Profile building of my iPhone and (personal) data. Europe with chat control, data leaks.
My question:
I like the iPhone because I can’t change much and therefore feel some kind of safe.
The walled garden is nice with their services but scary/hard to get out of it.
I tried Android years ago. Honestly, I often get overwhelmed with customization and settings but on the other hand I also feel free.
But my threat model is more important than that.
Is my current iPhone + settings safe from telemetry, profile building and Chat Control?
Apple advertises with privacy first and on device. But hey, it is the US and I don’t trust them.
With regard to chat control, I think it will simply be enough to use Signal with end-to-end encryption; I doubt that the Signal developers will implement a backdoor.
First of all, welcome to PG, and thank you for your well-structured post.
In terms of mobile phone platform, I think iPhone (iOS) is okay, unless you are going to switch to Graphene OS, otherwise I don’t think it is worthwhile to switch to Android (no matter what manufacturer you choose).
IMO what matters more is the applications you use, what information you keep within Apple ecosystem, and other general digital / personal privacy hygiene.
Keep using your iPhone as you normally do, but experiment with having GrapheneOS for things you consider more sensitive for the day to day. Being that the iPhone is a fair compromise and you’ve done all you could, I’d say keep it around, but since you have a GrapheneOS device, experiment with different workflows on it. The best way to resist all the customization stuff is to be clear what you want from Android in the first place.
I think it probably makes sense to switch to GrapheneOS, but not as a next step for you.
Finishing this…
…and using them on your (and your wife’s) iPhone would be a good next move to see if you can move further away from iCloud.
After that, you might want to evaluate other cloud services you’re using and try and limit/encrypt/self-host them as much as possible. When you’ve taken care of those internet connected things I might revisit the iOS/GrapheneOS situation at that point.
Since you work in tech and already have a home server, this is a no-brainer: dump Apple, Google and Microsoft ASAP and go full-on self-hosted (Graphene with only FOSS apps connected to your servers). If you have a public IP for your server you can dump Tailscale too, and manage your own WireGuard keys.
If you move to GOS, be ready: you will most likely lose contactless payment via phone, as you cannot use Google Pay on GOS. If you are fine with that, then GOS could be great for you.
Also, no matter what platform you use, the applications you use, what information you give away (and how), and other general digital / personal privacy hygiene still matter, a lot.