should i just download the apk for proton mail and that would be a good option for privacy and security - would i need to worry about updates if i download the apk?
According to our recommendations, you should obtain your apps through something like Obtainium or the Aurora Store. With just the APK downloaded from the website, you would need to apply updates manually.
Graphene OS’ sandboxed Google Play is potentially another option here as well.
thank you! so how would you download an email on your graphene os to reduce the risk of spyware and which one would you get ? thank you very much!
The most secure option by far is using sandbox google play to download Proton Mail. You are always safer installing from an official app store even when accounting for privacy drawbacks. Obviously, you will sacrifice some privacy by having a Google account tied to that download, even if it has reduced permissions and access to your phone. You can always make a secondary account though.
Obtainium is generally privacy-friendly, but do have some security drawbacks. However, I want to emphasize that you will most likely not get spyware from downloading Proton Mail. Unless you are downloading random apps through this method, you should be safe 99% of the time. Since this is a privacy forum, we generally prefer these options but I can’t give you a solid recommendation on how to download a mail app without knowing your threat model.
For example, are you worried that you will accidentally download a malicious app? Are you afraid of having your information exposed and being the target of a zero-click attack? Those are two different things and require separate recommendations.
1 Like
so for a zero-click attack in order to minimize that, what would be the best way to go to donwload basic apps like signal (or molly - which do you think is better to deter such spyware attack?), proton mail, organic maps, and a vpn (which vpn do you recommened in this case to get)… thats like everything i need and I would like to download it in a way to minimizes spyware zero day scenario attack… thank you!
You are asking questions out-of-scope of your initial post. I’ll still answer them, but keep in mind that we can’t do your research for you. Try avoiding this in the future when you post.
Anyways, Molly is great for anti-forensics and anonymity because of its encryption-at-rest and Tor/Orbot support. However, the official Signal app will be updated first.
If zero-click attacks are your main concern, I would honestly just download all my apps from sandboxed google play as they will get security updates faster.
3 Likes
thank you very much I will take it into consideration
last follow up, by sandboxed google play would downloading from aurora store be relatively the same - sorry not a very techy person - and answer “Yes or No” would be enough - thank you!
Closing topic after this reply. But yes, the Aurora store and sandboxed google play are nearly identical in terms of user experience.
Follow the instructions here.
1 Like