New GOS user with some questions

DeletedUser68

Greetings everyone, I've been lurking the forums for a bit and after some deliberation decided that my next phone was going to be a pixel 8 on which i would install GrapheneOS. And so here i am now, slowly migrating from my previous phone, the iPhone X (10). I also bought 2 Yubikeys to secure important accounts.

Anyways i have a low threat model and was wondering how a user like me should best go about transitioning to a more secure and private online life while still maintaining a good amount of convenience. starting with the phone.

What I've already done with my GrapheneOS phone:

Installed Software:
├── Google Play
├── The entire Proton suite
└── Aegis (2FA App)

Settings:
│
├── Network & Internet
│   │
│   ├── Internet
│   │   │
│   │   └── Network preferences
│   │       ├── Notify for public networks (Off)
│   │       └── Turn OFF Wi-Fi automatically (ON 1 min)
│   │
│   └── VPN
│       └── Proton VPN (Always on & Block connections without VPN)
│
├── Connected devices
│   │
│   └── Connection Preferences
│       │
│       ├── Bluetooth
│       │   └── Turn OFF Bluetooth automatically (ON 1 min)
│       │
│       ├── NFC
│       │   └── Require device unlock for NFC (ON)
│       │
│       └── Printing
│           └── Default Print Service (OFF)
│
└── Apps
    │
    └── All Apps
        │
        └── App Permissions
            │
            └── Google
                │
                ├── Play services
                │   └── Network + Sensors + Allow background battery usage
                │
                ├── Play Store
                │   └── (Same as Play Services) + Notifications
                │
                └── Services Framework
                    └── (Same as Play Services)
                    
Security
├── Screen-lock (PIN)
├── Fingerprint Unlock (none)
├── USB-C port (Charging-only when locked)
└── Scramble PIN input layout (ON)

As far as I'm aware, this is all I've changed. Anything not in this list is set as the default option.

Things I'm thinking of and would like thoughts or advice on:

1) Putting the SIM card currently in my iPhone into my GrapheneOS phone. (How much privacy and security do I lose by using my current sim or a sim in general?)

2) Should I use a second profile for non-FOSS apps, or is it fine to have them on the owner profile? Non-FOSS apps would be WhatsApp, Discord, Spotify, Banking, etc. (Do I even gain much privacy or security from using a second profile since the apps are already sandboxed anyway?)

3) I'm slowly migrating all my accounts from Google to Proton. Is it worth investing in a Proton unlimited plan? I would be using all the features (More then 1 Email, VPN on all my devices, backing up photos and temporary files, Password manager with simple-login, calendar for planning and also probably upcoming notes)

3.1) Does changing account emails to email aliases improve privacy? For instance changing my Spotify or Discord email from example@gmail.com or example@proton.me to an email alias.

Any advice, information or opinions on these thoughts and settings is appreciated.

Also if this post isn't structured correctly or i should separate the questions into different discussions please let me know for the future.

Aeon

DeletedUser68

no advice, but using GrapheneOS with one profile, google services installed and your usual apps from the old phone is already a huge security privacy improvement.

going from there branch out. remove unnecessary permissions from apps. or even remove not needed apps and use the website as pwa instead. then you might start using storage and contact scope with apps that dont work with permissions for files/media or contacts.

there is no right or wrong, there is a lot of advice her on the forums and you have to adapt it to your use case and thread model.

Graphene gives you security and choice which makes it so great.

p338k

DeletedUser68 1) Putting the SIM card currently in my iPhone into my GrapheneOS phone. (How much privacy and security do I lose by using my current sim or a sim in general?)

Your service provider will be able track you while your phone is not in airplane mode or otherwise shielded and potentially associate your movements with your actual identity. Since you already have an iPhone, it won't be a downgrade.

DeletedUser68 2) Should I use a second profile for non-FOSS apps, or is it fine to have them on the owner profile? Non-FOSS apps would be WhatsApp, Discord, Spotify, Banking, etc. (Do I even gain much privacy or security from using a second profile since the apps are already sandboxed anyway?)

That is a personal decision. Apps can see what other apps are installed in the same profile. They can also communicate with one another if designed to do so (e.g. presumably Facebook and Instagram). It is easier to use a single profile, so I would recommend that unless you have specific apps that you don't want others to see or communicate with. Separate profiles also have separate encryption keys, so you might find some reason to put particularly sensitive apps/data that you use infrequently in a separate profile.

DeletedUser68 3) I'm slowly migrating all my accounts from Google to Proton. Is it worth investing in a Proton unlimited plan? I would be using all the features (More then 1 Email, VPN on all my devices, backing up photos and temporary files, Password manager with simple-login, calendar for planning and also probably upcoming notes)

If you plan on using all of the Proton services, Proton Unlimited could be a good deal.

DeletedUser68 3.1) Does changing account emails to email aliases improve privacy? For instance changing my Spotify or Discord email from [example@gmail.com](mailto:example@gmail.com) or [example@proton.me](mailto:example@proton.me) to an email alias.

The services may or may not "forget" your previous (unaliased) email address, but it could help with when they get breached. It won't hurt privacy and could help.

Shendai

DeletedUser68 You have already made the most important decision for privacy and security, using GrapheneOS as well as Proton for services like email & VPN. Others have added valid suggestions that I won't duplicate.

I'll just say, particularly coming from the Apple ecosystem, focus (as you have been) on functionality first. Some users got discouraged by their apps not working, and reverted to stock Android, which is an unfortunate mistake in my opinion, but their device, their call.

It is exceedingly rare to find something that doesn't work at all in GrapheneOS. As an Apple user who's used to an exceptional camera, you might consider installing the actual google camera app, it does have some functionality not present in the default camera app included in GrapheneOS, though that one is getting better.

Aside from that, be patient, have fun with it, and welcome to GrapheneOS!

mmmm

If you're getting 'in' with proton, then the unlimited is a worthy option.

Email privacy is a pita. I would go through every account you have and change everything to an alias. It may seem redundant as they have already likely had your joeblogs@ hotmail.com link but still. Any new ones you create give alias. I would use a true alias like simplelogin.

I would use your free pm emails to create several emails to use for 'real life' purposes. The main sign up one use for nothing, but create non anon ones for banking etc, semi anon ones initals@ pm.me for social networks when they know who you are anyway but you dont have to care if the accounts get spammed. A couple of pseudonym address to use when you need to keep up an appearance but wish it to be an alt.

DeletedUser68

mmmm

I've been switching all my accounts to my 1 free Proton email address.

So you're saying if i decide to go unlimited i should.

Switch all my accounts over to an Simple-login alias.
Create a new proton email address that i only use to login to my Proton Account.

mmmm

DeletedUser68
1, I would - I did actually. But dont stress just as and when. You can link your old email address (assuming gmail) to proton so you receive the emails into your inbox. You can change them as they arrive if you deem necessary. At the same time close old accounts you dont need and remove your data.

2, if you already have one no perhaps dont bother. I was talking as if you started from afresh. I did it like you and my login 'real' email is attached to my important accounts. I did that mainlybsonif I ever had to revert to a free account for financial reasons it wouldn't mess up my necessary emails. With hindsight it would have been more prudent to never have given my access email away.

DeletedUser68

p338k Thanks for the long reply

p338k Your service provider will be able track you while your phone is not in airplane mode or otherwise shielded and potentially associate your movements with your actual identity. Since you already have an iPhone, it won't be a downgrade.

I already read about the tracking but thought mabye GOS does something more to make it harder to track you while using the sim (Don't know how that would technically be possible though). Also what do you mean with "It wont be a downgrade" i don't understand what im not downgrading from.

p338k That is a personal decision. Apps can see what other apps are installed in the same profile. They can also communicate with one another if designed to do so (e.g. presumably Facebook and Instagram). It is easier to use a single profile, so I would recommend that unless you have specific apps that you don't want others to see or communicate with. Separate profiles also have separate encryption keys, so you might find some reason to put particularly sensitive apps/data that you use infrequently in a separate profile.

I will only be using 1 app per mega corpo i think i will use WhatsApp, Discord and Spotify atleast but im already looking to see if instead i can slowly move towards things like Signal and other FOSS alternatives.

p338k The services may or may not "forget" your previous (unaliased) email address, but it could help with when they get breached. It won't hurt privacy and could help.

Thats what i was thinking with the breaches and its already been agreed upon twice in this discussion that switching to aliases for most of my online accounts might be a good idea privacy and security wise. So i'll look into it if i decide to upgrade to proton unlimited or maybe proton pass

p338k

DeletedUser68 I already read about the tracking but thought mabye GOS does something more to make it harder to track you while using the sim (Don't know how that would technically be possible though). Also what do you mean with "It wont be a downgrade" i don't understand what im not downgrading from.

GrapheneOS limits Google Play from accessing your hardware identifiers, but it cannot do anything about your carrier. By "downgrade" I simply mean that you won't lose additional privacy compared to iOS.

DeletedUser68 Thats what i was thinking with the breaches and its already been agreed upon twice in this discussion that switching to aliases for most of my online accounts might be a good idea privacy and security wise. So i'll look into it if i decide to upgrade to proton unlimited or maybe proton pass

Aliases also make credential stuffing attempts more difficult since each account can use a unique alias, so you will get fewer annoying notifications of people attempting to access your accounts.

DeletedUser68

mmmm

mmmm 1, I would - I did actually. But dont stress just as and when. You can link your old email address (assuming gmail) to proton so you receive the emails into your inbox. You can change them as they arrive if you deem necessary. At the same time close old accounts you dont need and remove your data.

I already linked my gmail to proton to receive the emails into my inbox.

mmmm 2, if you already have one no perhaps dont bother. I was talking as if you started from afresh. I did it like you and my login 'real' email is attached to my important accounts.

Yeah no im not starting fresh fresh, i did start very recently though. My "main" Proton email is already linked to some accounts which used to be connected to my gmail. But i might switch the accounts connected to my "main" Proton email to aliases anyway since there is no harm in doing so.

mmmm

Regarding profile separatation; i have an unused 'tidy owner', except for protonvpn installed so I dont leak by accident - plus 1 profile for gen use again behind a vpn and then an 'anon' profile just for tor locked behind an anon free proton vpn because i wish to hide my tor usage from my provider, but rather but wasn't at all linked to any of my ids.

I dont have any google services or play store installed though. Not yet anyway. If the inter app communication scope does what I want when it's released then I will probably remove this limitation.

mmmm

The caveat to my recommendations is that i'm also quite new to graphene, also coming from ios, although I have been privacy aware with everything other than that for the past 6 years.

DeletedUser68

mmmm I'm also quite new, and my decision to switch to GOS was driven more by
enthusiasm for the project and wanting to use services and software which respect the user. I don't need to use GOS because as i said my threat model is pretty low but i still like trying to optimize for security, privacy and convenience.

DeletedUser68

p338k GrapheneOS limits Google Play from accessing your hardware identifiers, but it cannot do anything about your carrier. By "downgrade" I simply mean that you won't lose additional privacy compared to iOS.

I get what you mean now thanks for explaining. I'll probably just turn on airplane mode if i feel like im going somewhere where i don't want people knowing where im going.

p338k Aliases also make credential stuffing attempts more difficult since each account can use a unique alias, so you will get fewer annoying notifications of people attempting to access your accounts.

Luckily i don't get these notifications i've been pretty careful where i use my email for a long time now, and is as far as i know not been in any data breaches so lucky me!

Also new question popped into my head when writing this. If i insert my old sim into my GOS phone should i view it as infected or compromised?

What i mean by that is even though when you don't have a sim card inside you're phone (To my knowledge) cell towers are still pinging you're phone so it can know for instance the current time.

So lets say i plug in my old sim, connect to a tower and then remove the sim do the cell towers now know that that phone is mine even if there is no sim card inside it anymore?

Because like you said the phone has "hardware identifiers" which can then (In theory) be used to associate the sim card and the personal information tied to it with my GOS phone (Even though the sim isn't in my GOS phone at that moment) because it once was in my GOS phone at one point in time linking the two together.

Let me know if this doesn't make any sense btw just thought of it in the moment.

p338k

DeletedUser68 Also new question popped into my head when writing this. If i insert my old sim into my GOS phone should i view it as infected or compromised?

What i mean by that is even though when you don't have a sim card inside you're phone (To my knowledge) cell towers are still pinging you're phone so it can know for instance the current time.

So lets say i plug in my old sim, connect to a tower and then remove the sim do the cell towers now know that that phone is mine even if there is no sim card inside it anymore?

Because like you said the phone has "hardware identifiers" which can then (In theory) be used to associate the sim card and the personal information tied to it with my GOS phone (Even though the sim isn't in my GOS phone at that moment) because it once was in my GOS phone at one point in time linking the two together.

Let me know if this doesn't make any sense btw just thought of it in the moment.

I am not sure what you mean by "infected" and "compromised." I am not aware of iOS injecting malware into sim cards. The cell services will know that you moved the sim from one phone to another. Your carrier won't know that you still own the iPhone, but removing the sim doesn't make the carrier "forget" your iPhone. Likewise, the carrier won't magically "forget" that the sim was in the Pixel simply because you removed it.

If you don't want to broadcast to cell towers, enable airplane mode.