With this reasoning, Microsoft Edge and Opera are far more private than Tor Browser, Mullvad Browser, and Hardened Firefox. And Windows 11 is more private than Whonix and Secureblue.
Security is a prerequisite for privacy, but security doesn’t equate to privacy.
Stock Android is less private but more open than iOS and having a Google account and proprietary Google Play services is pretty much a necessity. There is a workaround which is installing the Aurora Store and using that only to update system apps. From my experiences Stock Android will re-enable and re-install all of the bloat you previously removed every time it updates.
There is no lesser evil and with the current situation of phones, it’s probably better to stay away from them as much as possible and stick with desktops even though desktops are less secure.
It does not follow from what I said. Another example regarding privacy and security: some Linux distributions, such as Mint, can be as private as you want, but if they use X11, applications are not isolated (as they are with Wayland).
So no, I also don’t think there can be privacy without at least some security.
If you are vulnerable to exploits because updates arrive late or never arrive, your OS is not secure and therefore neither is your data (as often happens with custom ROMs).
If you are not able to disable the privileges of Google services (as you can with GrapheneOS through gsmcompact), you also won’t achieve the desired privacy even if you don’t use a Google account.
So, all things considered, Apple is the lesser evil if you can’t get a Pixel with GrapheneOS. And believe me, I hate Apple for its anti-consumer practices…
One unfortunate part about being in this space is that we need to occasionally defend Apple despite their horrible practices.
Nobody is saying that Apple is the final choice for those looking for a security-minded non-GOS phone. It can work if you are simply trying not be hacked and have some decent privacy protections for third-party apps. Even stock android is quite secure (not private) if you stick with a Pixel device.
Security concerns aside, Linux phones do exist for those who only care about privacy. They may have horrible security practices but to be frank, you probably shouldn’t be doing sensitive tasks on just one phone anyways.
Why isn’t iOS in this chart? But since some people consider iPhones as the next best alternative to a Graphene phone in terms of privacy, I wonder if we shouldn’t also take chinese devices into consideration such as phones with HarmonyOS or de-googled chinese phones. Chinese elites such as politicians and CEOs use Huawei devices, so they might be worth to consider as well.
Digital sovereignty is another important factor to consider. If you are a government official, you are mostly worried about not being hacked. Almost everything you do on your phone will be recorded anyways. Hence why Chinese officials may use Huawei devices but you probably shouldn’t if you cared about every single other factor.
Unless you are a Chinese official with a hardened phone provided by the government’s IT department, you should never be using a Huawei phone at all. Consumer phones differ greatly from government-provided devices.
Just because a government official of country uses it does not mean that the average consumer should. This is the same logic for any country with a functioning domestic OEM. For example, Korean officials owning only Samsung devices or a Russian official owning a Russian-made device does not prove the merits of the OEM in question.
Chinese mobile phones are monitored by the Chinese government. If Chinese officials and politicians prefer to use Huawei phones, it will mainly be because they don’t mind being monitored by their own government.
There may be other reasons: supporting the national industry, better domestic services and apps, more affordable prices, etc.
On the other hand, iPhones are obviously American phones. At first glance, it seems one can trust their technologies and privacy measures. I don’t trust them, because it’s a multinational that has, on some occasions, shown itself willing to leak information to the government or leave a backdoor to access it (Snowden), collect user data, etc. But at present, from my point of view, it’s more a matter of principle and ideology than anything else.
GrapheneOS, on the other hand, is a non-profit organization that has never given any reason for suspicion.
I disagree. The Graphene business model is extremely intransparent. You can’t look up who is financing them. You don’t have this extreme intransparent behaviour with Mozilla, Wikipedia, Tor project or Linux. You can look up which organisations/corporations/governments are funding them. But not with Graphene.
But there are plenty of more reasons to distrust Graphene. The most severe reasons are:
There are no professional third party audits of the GrapheneOS code.
You have to blindly trust in the proprietary hardware of the most insidious data extraction corporation in the world.
Because the phone ecosystem is just that bad. If Linux disappeared today a few of us could make the switch to OpenBSD or FreeBSD but most of us would be stuck defending Apple or Microsoft.
Apple and iOS wouldn’t be so bad if:
They guaranteed unlimited OS support or at least 10 years of security updates for all their devices (and perhaps only released new iPhone models half as often as they do now and encouraged their customers to keep their phones)
They made phones that are easy to repair and provided free repair manuals with each iPhone (or at least a digital version which can be downloaded offline)
They allowed app sideloading like Android despite the security risk and alternative app stores like an F-Droid equivalent to iOS became popular
They allowed alternative app launchers and browser engines
They allowed uninstalling any app that wasn’t critical to the OS
Their app store only required a payment method when downloading a paid app or when making an in-app purchase instead of requiring one for any free app
They didn’t require an Apple account to download free apps from the app store or update apps already installed, just only for paid apps.
If all this were to happen, they would be a far better choice than Stock Android and could possibly make GrapheneOS not worth the trouble for most people.
Matchbox posted this back in 2023.
“The problem with audits the way we traditionally think about them (a company being paid to go through a snapshot of the codebase at a certain point in time) is flawed. New code is introduced all the time, so auditing a snapshot of that is not really going to be useful at any given point in time, since the “audit” would be outdated soon after.”
I can see audits if an app or service gets updated a few times per year but it’s a serious waste of money to audit something that is changed on a weekly bases.
Usually you get about 7 years of full OS updates and pretty close to 10 years of security updates. No one really does unlimited updates for any device. The security of the operating system is tied with the security of the firmware and hardware so eventually you need to upgrade. iPhones already have some of the longest support cycles in the industry.
Apple provides manuals online for their products as well as a way to buy parts to repair them. As for repairability, iPhones outperform Pixels according to iFixit. It’s worth noting that iFixit is officially partnered with Google so if anything they should be biased toward pixels.
You can already uninstall almost every single app. The only ones you can’t delete are photos, settings, camera, App Store, messages, Safari, and phone.
Group policies can be used to make Edge and Chrome private
Even if a device used an entirely open source SoC design with open source RISC-V cores (the most widely deployed RISC-V cores are not open source), open source caches, an open source memory controller and all of the other CPU components, you would be placing just as much trust in the manufacturer as with a proprietary CPU. Having an open source SoC would not mean the manufacturer of the SoC isn’t trusted. You have no way to confirm that an open source chip has hardware matching the chip design. The manufacturing processes are also closed source even for an open source SoC.
Pixels use Trusty OS as their TrustZone firmware implementation, meaning it’s based on an open source project
Apps on traditional Linux have much more privledges than on other operating systems, so privacy can be easily breached compared to other OSs. In this sense, even iOS is vastly more private than traditional desktop Linux.
