I can't reliably answer your questions but they're not stupid, it's very reasonable concerns beginners have. I was also an iPhone user before switching to GOS, I can't say I miss Apple that much lol. You'll be surprised if you're dependent on the Apple ecosystems, but you don't sound it, so the transition should be fine.
Switch from iPhone?
beaverman20 What data is Apple collecting about me, exactly? Are they snooping on my Proton Mail and Signal communications? Are they storing my iMessages despite my iCloud being disabled? Do they still work with PRISM (or whatever the new version is) and siphon off all my data for government storage? These are the kinds of questions that keep me up at night.
- We don't know. Might be nothing, might be everything.
- Possibly. When you are compromised at the OS level, nothing you do can really be effective. All communication is decrypted on device, so if there was, say a system component making screenshots all the time and analyzing them with OCR (cough Recall cough), it would be almost untraceable and would reveal all your activities. iOS is closed source code, so we don't know. Since jailbreaking iOS also has dried out in recent years, it's getting even harder to analyze the system.
- Possibly, but unlikely.
- Most likely. There was no reason for PRISM to end, so I expect it to be up and running. Don't forget that PRISM focused way more on the provider side of things (siphoning off data server side) while nowadays it's more likely to focus on client side due to end-to-end-encryption, DoH/DoT and similar problems.
Just switching to Graphene won't solve all of your problems though. You need to change your mindset about running invasive apps if you want to significantly decrease data collection. I myself run FOSS apps only in my main profile and actively monitor connections with RethinkDNS to make sure nothing shady is going on (all seems good so far). I have Play Services running in my work profile (through Shelter) without a Google account. But - Google probably knows that the phone belongs to me. They just don't get much data out of it. If you need any advice on specific apps and alternatives, you're free to ask.
splattergames We don't know. Might be nothing, might be everything.
They say in their privacy policy
- Edited
Thanks for sharing that link. This is the one that made me switch to Graphene:
Usage Data. Data about your activity on and use of our offerings, such as app launches within our services, including browsing history; search history; product interaction; crash data, performance and other diagnostic data; and other usage data
That sounds like they can essentially collect all your browser history even if you use a browser other than Safari as I understand all browsers use Safari under the hood?
Also, wtf is a device trust score:
Fraud Prevention Information. Data used to help identify and prevent fraud, including a device trust score
fria yeah, that works really well: https://law.justia.com/cases/federal/district-courts/california/candce/5:2022cv07069/403685/138/
splattergames This was about a couple of confusing settings not about them lying in their privacy policy.
fria confused settings? Which one do I need to tweak then? Apple clearly didn't provide any answers here. And the court seems to be of similar opinion since they permitted 6 of the claims to proceed. I really hope the courts rule in favor of the plaintiffs.
Btw: are you sure you're in the right forum? I've seen you shill for Apple in every second post. Just wanted to make sure.
splattergames Am I not allowed to be here lol? I like GrapheneOS it’s my favorite open source project currently. They’re pushing security and privacy forward in the mobile space more than anyone else. I only respond in discussions that are already talking about iOS, I’m not trying to overstep or anything.
- Edited
I wish we could get more insight on what some of these somewhat vague statements in their privacy statement mean though.
Usage Data. Data about your activity on and use of our offerings, such as app launches within our services, including browsing history; search history; product interaction; crash data, performance and other diagnostic data; and other usage data
What does this mean exactly? Do they collect, for example, my browsing history and store it indefinitely? Is this anonomyzed data or attributable to the user? Perhaps it is clear to some, but I don't fully understand.
beaverman20 hide from the government.
sad that in 2024 this is now considered a bad thing, 1984 has totally come true
- Edited
treenutz68 https://www.apple.com/legal/privacy/data/
This is much more detailed.
Browsing history is always e2ee in iCloud and you can turn off syncing if you want:
https://support.apple.com/en-us/102651
Oh ok, so if you don't use iCloud (I don't) then they don't collect any browsing data? I definitely missed that!
Your principle approach sounds similar to mine, Privacy is a right. But I've decided to relax my threat model and go back to iOS for the convenience and UX. All the while minimising use to reduce digital footprint. Anything sensitive or critical I can leverage the Graphene Pixel and TAILS for.
I think 'hardening' iOS to reduce telemetry, and using PWA is good enough.
Using Graphene for me muddled the lines when trying to acheive 'perfection'(spoiler, its not possible). Telemetry will still be gathered if you are trying to live any semblance of a 'normal' life in the 21st century, forgoing advancements for privacy is a scale, and at the moment i need these luxuries and think I can mitigate some privacy loss.
fria
I like that you offer both perspectives. I just spent a few weeks tinkering with GrapheneOS, with similar questions as OP and appreciate your insight.
I came across your posts and can't help wonder what your 'setup' is. Are you following the same two device approach as myelf?
throwaway22884 I like that you offer both perspectives. I just spent a few weeks tinkering with GrapheneOS, with similar questions as OP and appreciate your insight.
I came across your posts and can't help wonder what your 'setup' is. Are you following the same two device approach as myelf?
Thanks. I’m only running iOS at the moment but watching the GrapheneOS project progress from a distance. Maybe that’ll change one day but I’d prefer if Apple implemented all the Graphene features so I can continue using iOS just with better security.
Sweet sweet, are you following any 'hardening' checklists ? I know theres profiles which can be installed but hesistant.
Also i dont think this is derailing the post topic, I guess is giving another perspective to OP.
throwaway22884 I just use the phone normally, the whole appeal of iOS for me is the ease of use and features.
AlanZ if you love the fact that Apple collects your telemetry even when you opt out of all data sharing then by all means, dive back in, head first.
beaverman20
I've been using Graphene OS for about 8 months now on a Google Pixel 7a.
There are a few anomalies in my experience, but honestly, I don't know if they are related to Graphene OS or to the apps. Notifications are the first thing that comes to mind as it's the only really outstanding UX issue. But I cannot say the root cause, whether it's something in the OS or a problem with the absence of Google libraries.
Otherwise, I've been very happy with Graphene so far. I am running Proton VPN (it's always on). I typically have my Wi-Fi on at home, but always turn it off when I go out. Likewise, location is always off. I have tried it once or twice when using Waze for navigation, but I've found Waze to be a piece of garbage.
My Google Pixel 7a's battery charge lasts about 36 hours, not great, but this could be a problem with the battery itself, not related to excessive power usage by Graphene or any given app. The Pixel phones are no where near as good hardware as a 'higher end' phone. But hey, for $250 bucks, I can upgrade 4 times for less than the price of an iPhone or Samsung S series phone...!
I use K-9 email which serves multiple email accounts (the throw-away accounts). I use Proton Mail app, Proton Calendar, and Proton Pass. They all work fine.
I use several messaging apps: Signal, Olvid, Zangi which all work fine.
All these apps have issues with notifications which is why I suspect the notification problem is related to Graphene OS. But I find that the notifications arrive when I open the apps, so it just means that I remember to get into the app to see if there are messages.
The only compatibility issues I've experienced are with a few apps such as my T-Mobile apps. I suspect that they do not have a version that is free of the Google spy libraries. But this is a non issue for me. I don't really need those apps.
YouTube stops video play in the Vanadium browser after about a minute. But only once did I get lazy and click a video link that someone sent me to watch a YouTube video; it stopped after about a minute with a message to "download the app." Screw Gurgle; I use nothing from Gurgle.
In sum, I think it's well worth your investment to get Graphene OS. Personally, I don't really see the need to have my banking apps, travel apps, whatever, on my phone. I can do it all from my desktop as needed and when needed.
And I don't even need the US State Department global entry apps. Now, when I return to the US, I go straight to the Global Entry line in customs; they already know that I have Global Entry so I don't have to show an ID card or a status screen in the app on my phone.
I say go for it....
I used this video to guide me in installing Graphene OS the first time.
https://youtu.be/ZAZlmYKrwfk?si=G9uTl7U6MiB1Ro_3