Before really getting into privacy this year, I purchased a new phone (Samsung S23). Sadly, I am unable to install GrapheneOS on it now, so I was wondering what the risks are of using the stock OS over something like GrapheneOS.
What are some steps I can take to increase my privacy, and what are the threats I face using the stock One UI?
So far, I have uninstalled anything I do not need, I am using all FOSS apps (some downloaded from the playstore I’m afraid, as AuroraStore was giving me errors and wasn’t reliable), I use RethinkDNS to block internet access for various applications (though I am not using any blocklists, as I found them interfering with receiving messages and notifications on Signal), and am using a dummy samsung and google account with no personal information just to unlock some features of my device. Are there any other steps I should be taking to increase my privacy?
You can try debloating your Samsung via this. Be VERY careful with what you disable/uninstall, as it can cause major problems. Search up the info about the packages on the internet, in case the application I linked doesn’t give information about some of them (or gives not enough information to make a confident choice whether to disable/uninstall a package or not). I strongly recommend treating it as an experiment which can go wrong badly, and you will end up having to factory-reset your phone. Ideally, you should backup all the data that is important for you, and then begin debloating.
Via the same application that I linked, it is also possible to disable/uninstall Google Play Services from the phone. But you said you need a Google account for some features, so you can skip this whole paragraph, or read it just for information.
So, you can disable/uninstall Google Play Services, however — it comes with a lot of negative consequences, severity of which ranges from moderate (push notifications of some apps will stop working, some apps won’t work/existing apps may stop working, …) to major (device can enter an infinite bootloop, so you will have to factory-reset). I generally don’t recommend doing that. It completely depends on your use-case, though. One should do it only if they are aware of the consequences of the lack of Play Services on their phone, or treat it as an experiment through which you can learn. For example, you can learn and see firsthand how disabling Play Services can destroy some features of your device =)
I removed Google Play Services + Google Services Framework from my old Huawei, and I’m fully okay with the consequences, they don’t bother me. Note that I don’t recommend you to disable/remove Play Services from your Samsung, I only inform you that it is possible. It just depends on how and what you use your phone for.
…
Did you read the post? That person has Samsung S23. There are no trustworthy/reputable alternative OSes for it. And I would never recommend installing some custom ROM from some rando on “XDA Developers”.
whether you have explicitly given those samsung and google accounts personl information or not, they still are a persistent identifier. What kind of functions would require those accounts that wouldnt themselves be a privacy nightmare?