Having trouble understanding this:

https://grapheneos.org/faq#encryption

"...Using a secondary profile for regular usage allows you to make use of the device without decrypting the data in your regular usage profile. ..."

I believe I presently have an "owner" profile (which is what resulted from installing GOS using the https installer.)

Using the "owner" profile I created a secondary profile which is the profile I use most regularly. (This initial approach inspired by Hulk "Tidy Owner")

Presuming my single secondary profile is my "regular usage" profile, I don't understand what is meant by:
"Using a secondary profile for regular usage allows you to make use of the device without decrypting the data in your regular usage profile..."

How can I make "Tidy" use of the device without signing into and decrypting the data in my regular usage profile? Does this documentation refer to another "secondary" profile used to shut down and restart the "regular usage" profile (which I guess would be neat and allow me to keep out of the very important "owner" profile)? I tried this and couldn't get a second secondary profile to shut down my "regular usage" profile.

Apologies for this question; I don't mean to be thick and argumentative, but I'm missing something. Important to me as I expect to create additional "secondary" profiles to handle google-dependent applications (e.g. a smart watch).

I think that what it's referring to by "allows you to make use of the device" is that you can still receive calls and SMS via the owner profile while being logged out of your secondary profile that contains the bulk of your apps (and more sensitive data).

I don't use a secondary profile myself, so I could be wrong here.

    mythodical

    Thank you, mythodical!!

    So how do I submit suggestions for changes to documentation? In this case I'd suggest something like:
    "Using a secondary profile for regular usage allows you to make and receive cell calls and texts in your "owner profile" without decrypting the potentially sensitive data in your regular usage profile..."

      newbie24689 @matchboxbananasynergy might be able to help with that. I'm just a fairly new user here myself.

      While I agree the documentation could be a bit more forthcoming, it's important to note that all other default apps are also available for use in the Owner profile while the secondary profile is encrypted at rest. For example, the calculator, camera, and alarms are all available for use (with their own sets of data, separate from the secondary profile), so I think the documentation could just use a few examples to convey the workflow.

      Hi there @newbie24689!

      To be fair, I didn't write the documentation (I'm just a moderator), but:

      Using a secondary profile for regular usage allows you to make use of the device without decrypting the data in your regular usage profile.

      makes sense to me.

      As @mythodical said, "make use of the device" sounds intentionally broad there, and I do think it makes sense to phrase it that way.

      Example: You could have a secondary profile where you install all of your apps, store your data (contacts, photos, videos).

      You can have that profile fully locked and its data inaccessible, but still receive and make calls through the owner profile, use the browser, or anything else.

      The advantage of this setup is that you can for example hand your phone to someone else after ending the session of your secondary profile, and they won't be able to access anything in there. If all of your apps/data is in your main profile, they can simply switch from whatever profile you're on when you hand them the device back to the owner profile, and thus access your data, as the owner profile needs to be unlocked for any secondary profile to be usable.

      I hope that this provides some more context and perhaps makes that sentence in the docs a bit more clear.

        • [deleted]

        mythodical Just a quick question: how come you have decided to just use 1 profile? I keep going back and forth with the idea of using a blank owner with all apps in second and gps in third, or just one profile.

          [deleted] I may do so in the future, who knows. That particular workflow is impractical for my usage.

          On the occasion that I would have need to lock it down, and sufficient warning to do so, I would simply reboot the phone, putting the Owner encryption at rest. If I did not have warning, such as being incapacitated in an MVI, the secondary profile would likely be active anyway as I'm not going to put my profile at rest every time I step into a vehicle.

          The USBP, CBSA and other North American LE agencies are pretty savvy when it comes to digital forensics. If a border agent seizes your phone for inspection, and you provide the means to unlock the Owner profile, I feel there's a good chance your secondary profile will be discovered anyway, and further questioning will then ensue. This may work for less tech-savvy countries however.

            • [deleted]

            mythodical I appreciate you telling me! Do you have sandboxed GPS in your one profile?

              [deleted] No problem. No, I don't use Google Services/Store at all. I explain my reasons why here if you're interested.

              Edit: I just realized it was you that I was replying to in the other thread lol

                • [deleted]

                mythodical oh that is right! Lol what if you come across an app that needs it? I have a doorbell app that will probably need play services installed so I get push notifications

                  [deleted] what if you come across an app that needs it?

                  I simply won't use it. If we come to a sad state of affairs where we cannot perform more than the most basic of phone tasks without Google Play Services, that's when I switch back to a dumb phone and stick to using a laptop for mobile internet.

                  In the meantime, if my bank or some other essential service implements a Play dependency, I'll just use the website instead. I feel that we have to draw a line somewhere.

                  I have a doorbell app that will probably need play services installed so I get push notifications

                  I recently wrote about my camera system here which does rely on the Play Store to send app notifications. I've configured it to send email notifications instead.

                  • [deleted]

                  matchboxbananasynergy so the benefits of the tidy profile system relate to physical exfil and tampering. Is there also some benefit from the remote hacking perspective? Perhaps similar to making your main Linux user space a non-root secondary user, so that you can always escalate yourself to the admin user and regain control when your daily user inevitably gets hacked or acquires a virus. Does the tidy profile approach offer any benefits in that regard? Or can we adjust it so that it does?