I am a new grapheneos user. I love the operating system! I have had my pixel phone for a couple of weeks now but I have not been using it because I am trying to gain the knowledge to make sure I do everything as perfect as possible when it comes to having a private phone. I guess I am experiencing information overload and I need to actually just start using my damn phone!
So my first question is what are some ways I can harden the OS before I even start using the phone and before I start installing apps? For all the default grapheneos apps, I have turned off pretty much everything: permissions, background mobile data, open links, display over other apps, modify system settings. Location is turned off. Keeping the wallpaper to the default colour. Wifi and bluetooth scanning turned off and wifi and bluetooth is turned on only when I need it. Wifi mac address is randomized. This is the default changes I will have for every profile that will be created on my phone.
My second question is about profile setups. Again, feedback will be appreciated how I can harden my profile setups to be as private and secure as possible for my needs. The owner profile will not be used at all and will be locked with a password. I will have three additional profiles:
Profile 1: A physical sim card will be used and this profile will therefore be used as my personal profile where I will be installing the Firefox browser to do personal unannonymous activities such as banking, online shopping etc. The only other app that willil be installed on this profile will be the aurora store to install and update the firefox browser.
Profile 2: This will be used for anonymous activities such as creating and using annonymous social media accounts. The brave browser and Orbot will be used to achieve this. The only other app installed will be the aurora store to install and update these 2 apps.
Profile 3: This profile will only have Tor browser installed.
Additional questions:
1) I have heard conflicting opinions about installing browser plugins. Some say it is not good for privacy or security but the Tor browser itself has plugins installed out of the box. Obviously Tor is not normally used for personal unanonymous activities therefore the plugins would not know much about you and hence why plugins on Tor is not really an issue? For my 1st profile for unanonymous activities, should I install a plugin such as Ublock Origin on the Firefox browser? Even though the firefox browser will be used for unanonymous activities, it would be nice to have Ublock Origin to block requests being made to trackers. But would having Ublock Origin be a privacy or security concern?
2) If I use display over other apps, is this a privacy concern? For example, if I use Newpipe over the brave browser, what information does newpipe have access to. Does it see what I type and everything shown on the browser?
Sorry if I wrote too much. It is not easy for a noobie like me to learn and implement a privacy lifestyle without the help of other humans!