• Off Topic

  • tempted to transition from GOS to iOS

Between the security of their devices (the second most secure after the Pixel), hide-my-email, Private Relay and above all Advanced Data Protection and Lockdown Mode, that's a lot...

I've read a couple of times here and on Privacy Guides forum that GrapheneOS users have dared to say they've switched to iOS

I mean, today I saw that Apple Home data is E2EE, and even though I didn't want a Smart Home, I'm starting to think that there's nothing to stop me from doing it... If it's E2EE, why not ?!

I know that Apple's E2EE encryption has serious limitations, but, reaslistically, for whom is that a big deal?

I love GrapheneOS and I'm not one to chase after features, "cloud" and "smart" stuff, but I'm tempted :|

What are your opinions ?

    iPhones are a fine choice for a lot of people. They're reasonably secure (more than most Android phones, really). If GrapheneOS didn't exist, I'd probably be using an iPhone.

    That said, having used GrapheneOS, I personally don't think I could use anything else at this time, there's too many GrapheneOS-specific things that I would miss.

    A lot of the stuff you mentioned like private relay or hide my email, these are Apple services, but they exist outside of that. E-mail alias services like SimpleLogin or AnonAddy, along with VPNs that have multi-hop features. Apple's really solid in a lot of ways, but the thing they do best is marketing. They name things differently to make people think their offerings are one of a kind, when that's not always the case! :)

    Lockdown mode is a funny example actually. It really does a lot, but the way it's implemented is problematic. It's a toggle that does a whole bunch of stuff, and if you're unhappy with some of what it does, you have to forego the numerous benefits it provides. As a result, it's also not enabled by default, which is a shame. It's also important to note that a lot of what lockdown mode does is disable Apple services for attack surface reduction (the same services most people flock to an iPhone for :))

    In contrast, GrapheneOS always prioritizes mitigations and security/privacy features by default, not disabled by default and behind a binary on/off toggle.

    https://grapheneos.org/features#exploit-protection is just some of the things it provides by default, along with default-disabled JIT in the browser etc.

      I'm not here to argue against your decision. Just one comment:

      Humorist6543 Lockdown Mode

      As far as I can tell, GrapheneOS includes all of the features of Lockdown Mode – except of course that it does not limit any Apple services, because it contains none:

      • Android Runtime Just-In-Time (JIT) compilation/profiling is fully disabled and replaced with full ahead-of-time (AOT) compilation. The only JIT compilation in the base OS is the v8 JavaScript JIT which is disabled by default for the Vanadium browser with per-site exception support. https://grapheneos.org/features#exploit-mitigations

      • Disables connecting new USB peripherals while the device is locked. https://grapheneos.org/features#attack-surface-reduction

      • Doesn't automatically connect to open Wi-Fi networks

      • 2G can be toggled off (this is an AOSP feature)

      Did I miss anything?

            matchboxbananasynergy

            (Hi it's me again sorry I am using disposable emails throwable accounts.)
            Thank you a lot for your answer. I already knew most of your point. Yes, the next best thing after GOS is iOS.

            I know that private relay or hide-my-email exist out of Apple, but with Apple, you even get an E2EE assistant (Siri) !! How amazing is this ???????
            In addition you get reliable cloud backups, a working payment wallet solution, E2EE photos, notes, reminders, drive, Health and smart Home. You get all of this in ONE package.
            The cherry on top is that ~most all~ of these best-in-class products (Photos, Notes, reminders, …), which, again, can be E2EE.

            I mean, all of us security/privacy-focused GrapheneOS users have to deal with a lot of different companies. For instance : addy.io, Bitwarden, ente photos, Notesnook, Organic Maps, Proton Calendar/Drive, Brave Sync, etc.

            I mean, it would be cool if all these services had a unified modern design, but that's not the case.
            Bitwarden UI is quite bad, ente.io is unfortunately still far from having the same number of features as Apple Photos, even with ADP enabled, … Moreover, they are all very different (I understand that this is also an advantage to not put all your trust in one (closed-source) company, and not to favor one monopoly that kills fair competition.

                What keeps me at GrapheneOS is

                1. this post by @[deleted] : "GOS, however modest or futile it may seem on the outside, has enabled me to act on what was happening to me. It's a way of regaining some of the control our society has ceded. And that's priceless, as they say."
                2. the idea that I can't completely trust Apple because THEIR interests aren't mine, unlike what Proton claims for example.

                (Sorry last account I crate I promise I will keep it.)

                In addition to all of this, I forgot to mention the hardware side of things. You can get all of this on Watch, TV, Tablet, desktop, mobile, HomePod, … Again, all of these devices are some of the best in class (true for watch, phone, desktop and tablet).

                In addition, you can even get the most privacy-friendly mainstream streaming service.

                Please tell me what I don't see, I would like to think that the current situation with GrapheneOS is better.

                I mean, is there anything that can compete with Apple's excellent range of diverse devices AND suite of E22 apps AND services ?

                  ZorroV999
                  Can't you get that on GrapheneOS as well?

                  Personally I have an iPhone as my work device and honestly I could never use it as my primary device. I could never live with daddy Apple deciding which apps I can install and which ones i can't. I have YouTube Revanced, Reddit Revanced, etc. That means I never have to see an ad on my Android phone. Good luck getting that on iOS without spending half an hour installing stuff on your computer.

                  No Google Pay blows but you can dodge that by having a credit card with NFC in the phone case or by using Fitbit Pay on a Fitbit device. Or Garmin device for that matter.

                  Some banks offer ringers or bracelets you can pay with as well.

                      ZorroV999 it sounds like you made your decision already, and that's good and right. iOS comes with many convenience features and a unified, pretty UI. Compared to almost every Android device they are also better security- and privacy-wise.

                      I personally would never use an iPhone because of the lack of control. Apple likes to boss you around regarding apps you can install and customization you can apply. There's simply nothing like NewPipe, InnerTune and Molly on iOS. I also don't like their anti-repair agenda, premium prices and "design flaws" (notch, sharp edges, uneven camera bump). And finally I'd felt spied on by Apple at all times because they force me into creating an Apple ID and only use their app store which they track my behavior in to serve me ads.

                      GrapheneOS gives me all of the control and freedom I desire while adding a lot of security by default on top. The price I pay is to have an inconsistent design and workflow across apps. I understand that for many people iOS makes sense and is probably the right choice for them as long as they are aware of (and okay with) giving Apple a lot of control over their device and data. I just wish Apple was more honest and transparent about this, but you don't become a trillion dollar company with honest marketing I guess.

                          Humorist6544 I mean, all of us security/privacy-focused GrapheneOS users have to deal with a lot of different companies. For instance : addy.io, Bitwarden, ente photos, Notesnook, Organic Maps, Proton Calendar/Drive, Brave Sync, etc.

                          This is in favour of GrapheneOS to my eyes. I don't have one huge company imposing its apps to me and spying on me but several pieces of software that I choose to assemble to my tastes and choices, giving them trust or not, ... I can even choose to self-host my own cloud services in order to minimise my traces.
                          But the fact is - maybe for the weight of the years ? - I don't care about a unified modern design.

                            I feel Iphones are good options for people who don't know how to setup their phones or if they don't really want to tinker with anything. Your phone will be secure and somewhat private (except from Apple).

                            I guess the important question is what you want to do with your phone. Its a product after all. You pick the one that meets most of your needs

                            If Google ever shits the bed on Pixels (and they have) I will switch to iOS. I would enable Lockdown mode and keep it that way. One thing I wish GrapheneOS had is the ability to lock the settings from being changed, such as a parental control mode or profile like iOS. Something to prevent the user from disabling DNS/VPN in both the system and browser, and installation/deletion of apps.

                            N1b

                            Thank you.
                            In my case, the only apps I sideload are LibreTube and Breezy Weather so there is only one serious gotcha : Libretube.