Using regular or open source apps?

[deleted]

On my pixel 6a I installed GrapheneOS.
For some work and banking applications, I had to install google services and the play store. So I decided to install all the apps from the playstore. (I don't like having too many apps, like f-droid, aurora and playstore).
Wandering around the playstore, I used common apps (the popular ones) for years and then switched and used only open source apps for 3 years (Newpipe, Catima, Molly, Joplin, NEwsblur, Openreads, Wallabag) apart from some apps that are really good (like newpipe). At the level of security and privacy (assuming I use ProtonVPN) what can change to using the regular apps? example: using feedly instead of newsblur, pocket instead of wallabag, Stocard instead of Catima etc... (obviously no google services, I prefer Proton ecosystem).
I think, aside from supporting the world of open source and digital ethics, using a vpn and grapheneOS (with the management of various permissions, like storage scope, take away internet etc...), I think it may be indifferent to use non-open source apps. What do you guys think? what does the graphene team think?

Eagle_Owl

[deleted]
Hi,
I think that's perfectly fine and not a privacy/data protection issue if you've only chosen privacy-friendly apps from the Play Store (okay, banking apps aren't privacy-friendly because of their trackers, but for this we have no other chance and these trackers support also customers protection – your bank can see, if your phone is on expected places or suddenly in another country – then transactions will be blocked, mostly).

Your decision to use only one app store is also not bad.
Google does a lot for the security of its App Store.
You can still catch contaminated apps there, but the probability is very low to zero if you don't try out every piece of crap, pay attention to ratings and the number of downloads and, if possible, don't install any games or dodgy apps that make abstruse promises.

There are many reputable developers who do not use adverts inside their apps and therefore do not support dubious connections to advertising networks. This means that no personal data flows secretly and usually unencrypted to various advertising companies.

I would not use a VPN.
Assuming it is one of the very rare trustworthy VPNs, you can do it.
Edward Snowden: A VPN is a single point of failure.
Better: Private DNS, use only websites with TLS 1.3 (exceptionally TLS 1.2) and otherwise use Tor if necessary.

raccoondad

[deleted] I honestly just use whatever I find most useful. While I try to use open source applications for many reasons, if I need a service like CashApp, im going to download the app.

Then again my concerns are most usability based with FOSS than privacy

[deleted]

Eagle_Owl I would not use a VPN.
Assuming it is one of the very rare trustworthy VPNs, you can do it.

I use Proton service and Proton VPN, have encrypted systems.
Ps I have never installed a game on my cell phone and would never do so.

N1b

As so often this only depends on your needs and may differ from app to app. Open source is not necessarily better or more private than closed source, and there are many insecure, abandoned or badly coded open source apps out there.

I say if you have Sandboxed Play Services installed, definitely go with the Play Store for installing your apps, it's your most secure source. You might need another source for apps that are not on Play Store for obvious reasons (e.g. NewPipe or InnerTune) or if they are handicapped (IVPN used to not have anti tracker feature on Play Store Version).

Personally I prefer open source when the app is popular and well maintained for transparency reasons.

[deleted]

N1b Personally I prefer open source when the app is popular and well maintained for transparency reasons.

Same, example, libreoffice, newpipe, 7zip ecc...