But the majority of people do use either a Google or Apple account when using their phone; they are almost a necessity.
As I mentioned, Apple does not blatantly track and link all of your activities when you are signed into Apple ID. For example, as far as I know, when reading news in the Apple News app, the app generates a rotating identifier not linked to your Apple ID to preserve privacy. Also, you mentioned health data: IIRC health data does not leave the device in any way if you disabled it on iCloud, and even when you enable iCloud, health data is e2e encrypted by default.
While stock Android without an account could be great as you mentioned, I think there are lots of extraordinary/false claims about Apple in your comment, without any extraordinary evidence.
With this reasoning, Microsoft Edge and Opera are far more private than Tor Browser, Mullvad Browser, and Hardened Firefox. And Windows 11 is more private than Whonix and Secureblue.
Security is a prerequisite for privacy, but security doesn't equate to privacy.
Stock Android is less private but more open than iOS, and having a Google account and proprietary Google Play services is pretty much a necessity. There is a workaround, which is installing the Aurora Store and using that only to update system apps. From my experience, stock Android will re-enable and re-install all of the bloat you previously removed every time it updates.
There is no lesser evil and with the current situation of phones, it's probably better to stay away from them as much as possible and stick with desktops even though desktops are less secure.
It does not follow from what I said. Another example regarding privacy and security: some Linux distributions, such as Mint, can be as private as you want, but if they use X11, applications are not isolated (as they are with Wayland).
So no, I also don't think there can be privacy without at least some security.
If you are vulnerable to exploits because updates arrive late or never arrive, your OS is not secure and therefore neither is your data (as often happens with custom ROMs).
If you are not able to disable the privileges of Google services (as you can with GrapheneOS through gmscompat), you also won't achieve the desired privacy even if you don't use a Google account.
So, all things considered, Apple is the lesser evil if you can't get a Pixel with GrapheneOS. And believe me, I hate Apple for its anti-consumer practices...
One unfortunate part about being in this space is that we need to occasionally defend Apple despite their horrible practices.
Nobody is saying that Apple is the final choice for those looking for a security-minded non-GOS phone. It can work if you are simply trying not to be hacked and have some decent privacy protections for third-party apps. Even stock Android is quite secure (not private) if you stick with a Pixel device.
Security concerns aside, Linux phones do exist for those who only care about privacy. They may have horrible security practices but to be frank, you probably shouldn't be doing sensitive tasks on just one phone anyways.
Why isn't iOS in this chart? But since some people consider iPhones as the next best alternative to a Graphene phone in terms of privacy, I wonder if we shouldn't also take Chinese devices into consideration, such as phones with HarmonyOS or de-googled Chinese phones. Chinese elites such as politicians and CEOs use Huawei devices, so they might be worth considering as well.
Digital sovereignty is another important factor to consider. If you are a government official, you are mostly worried about not being hacked. Almost everything you do on your phone will be recorded anyways. Hence why Chinese officials may use Huawei devices but you probably shouldn't if you cared about every single other factor.
Unless you are a Chinese official with a hardened phone provided by the government's IT department, you should never be using a Huawei phone at all. Consumer phones differ greatly from government-provided devices.
Just because a government official of a country uses it does not mean that the average consumer should. This is the same logic for any country with a functioning domestic OEM. For example, Korean officials owning only Samsung devices or a Russian official owning a Russian-made device does not prove the merits of the OEM in question.
Chinese mobile phones are monitored by the Chinese government. If Chinese officials and politicians prefer to use Huawei phones, it will mainly be because they don't mind being monitored by their own government.
There may be other reasons: supporting the national industry, better domestic services and apps, more affordable prices, etc.
On the other hand, iPhones are obviously American phones. At first glance, it seems one can trust their technologies and privacy measures. I don't trust them, because it's a multinational that has, on some occasions, shown itself willing to leak information to the government or leave a backdoor to access it (Snowden), collect user data, etc. But at present, from my point of view, it's more a matter of principle and ideology than anything else.
GrapheneOS, on the other hand, is a non-profit organization that has never given any reason for suspicion.
I disagree. The Graphene business model is extremely intransparent. You can't look up who is financing them. You don't have this extreme intransparent behaviour with Mozilla, Wikipedia, Tor project or Linux. You can look up which organisations/corporations/governments are funding them. But not with Graphene.
But there are plenty more reasons to distrust Graphene. The most severe reasons are:
There are no professional third party audits of the GrapheneOS code.
You have to blindly trust in the proprietary hardware of the most insidious data extraction corporation in the world.
Because the phone ecosystem is just that bad. If Linux disappeared today a few of us could make the switch to OpenBSD or FreeBSD but most of us would be stuck defending Apple or Microsoft.
Apple and iOS wouldn't be so bad if:
They guaranteed unlimited OS support or at least 10 years of security updates for all their devices (and perhaps only released new iPhone models half as often as they do now and encouraged their customers to keep their phones)
They made phones that are easy to repair and provided free repair manuals with each iPhone (or at least a digital version which can be downloaded offline)
They allowed app sideloading like Android despite the security risk and alternative app stores like an F-Droid equivalent to iOS became popular
They allowed alternative app launchers and browser engines
They allowed uninstalling any app that wasn't critical to the OS
Their app store only required a payment method when downloading a paid app or when making an in-app purchase instead of requiring one for any free app
They didn't require an Apple account to download free apps from the app store or update apps already installed, only for paid apps.
If all this were to happen, they would be a far better choice than Stock Android and could possibly make GrapheneOS not worth the trouble for most people.
Matchbox posted this back in 2023.
"The problem with audits the way we traditionally think about them (a company being paid to go through a snapshot of the codebase at a certain point in time) is flawed. New code is introduced all the time, so auditing a snapshot of that is not really going to be useful at any given point in time, since the 'audit' would be outdated soon after."
I can see audits if an app or service gets updated a few times per year but it's a serious waste of money to audit something that is changed on a weekly basis.
Usually you get about 7 years of full OS updates and pretty close to 10 years of security updates. No one really does unlimited updates for any device. The security of the operating system is tied with the security of the firmware and hardware so eventually you need to upgrade. iPhones already have some of the longest support cycles in the industry.
Apple provides manuals online for their products as well as a way to buy parts to repair them. As for repairability, iPhones outperform Pixels according to iFixit. It's worth noting that iFixit is officially partnered with Google so if anything they should be biased toward Pixels.
You can already uninstall almost every single app. The only ones you can't delete are photos, settings, camera, App Store, messages, Safari, and phone.
Group policies can be used to make Edge and Chrome private
Even if a device used an entirely open source SoC design with open source RISC-V cores (the most widely deployed RISC-V cores are not open source), open source caches, an open source memory controller and all of the other CPU components, you would be placing just as much trust in the manufacturer as with a proprietary CPU. Having an open source SoC would not mean the manufacturer of the SoC isn't trusted. You have no way to confirm that an open source chip has hardware matching the chip design. The manufacturing processes are also closed source even for an open source SoC.
Pixels use Trusty OS as their TrustZone firmware implementation, meaning it's based on an open source project
Apps on traditional Linux have much more privileges than on other operating systems, so privacy can be easily breached compared to other OSs. In this sense, even iOS is vastly more private than traditional desktop Linux.