Would you consider Insular or Shelter as a privacy threat?

I’m using GrapheneOS for quite some time now. And i used to have a work profile with GSF and “privacy invasive” apps. I’s recently reset my phone, and am wondering if i should have a work profile as before, of if i should create user profiles for those apps (as recommended by Graphene’s community).
The threat i’ve been explained is that work profile is managed by an app (shelter or insular) and it adds a layer of vulnerabilities, and an app to be trusted. Therefore, they recommend to create different user profile as they’re native in Android.

So what would you recommend?

I would say the recommendation is based on your threat model.

If your threat model requires big security, the you should use different user profiles. If not, then it is about your personal preference.

The advantages of work profiles are that

  • you can run apps in it simultaneously with your user profile and
  • (in my view) easier to setup (no need of replicating setting etc.)

but the advantages of user profiles are

  • more/better sandboxing and separation (each profile has it own signing key, more on the feature page of the GrapheneOS site: Features overview | GrapheneOS)
  • not being reliant of apps like Shelter, that can give additional attack surface and
  • not being limited to create only one work profile per user profile.
1 Like

I second this, but i like to add that using a work profile can take up quite some battery.

Oh, I didn’t know work profiles consumes more battery, thanks

Shelter doesn’t have internet permissions.

User profiles are more secure than work profiles.

As a GrapheneOS user, you have the unique ability to receive notifications across user profiles.

Surely if you turn off work profile it won’t use battery