Privacy requires security.
System settings for a privacy-focused user with minimal security concerns
Don't change the defaults for the worse options, any performance gains you might get are going to be minimal at best. If you want to make your phone feel faster turning off or reducing the animation speeds to 0.5x (from developer options) will make a much bigger difference.
whiskeywalrus If you want to make your phone feel faster turning off or reducing the animation speeds to 0.5x (from developer options) will make a much bigger difference.
Developer options include some things that don't work right or break other things. Only a few months ago a developer option related to animation triggered a bug in the lock screen.
It is not generally helpful to recommend that people address minor issues by placing themselves in danger, at least not without warning them.
Developer options are intended to be used by developers working on an application, and also intended to be used on non-production devices that don't contain private data.
Tubeless2720 The exploit protection compatibility mode toggles are mainly for compatibility with apps containing memory corruption bugs occurring in regular usage. Disabling hardened_malloc for certain apps may improve performance but it won't make any significant difference for most. Doing this reduces the security of the app against attacks, and will substantially impact privacy if it gets exploited because of it. This does not need to involve any kind of targeted attack, many vulnerabilities get widely exploited and many apps don't even do proper security updates for their dependencies.
Disabling secure spawning will save a significant amount of memory at the expense of greatly reducing overall system security. The direct negative impact on privacy from doing that is small, but it has one. Having a much less secure device does have relevance to privacy despite your belief that they're separate things. They are not separate things and there's widespread use of exploits including by apps wanting to bypass privacy protections.
de0u The bug you mention was related to disabling animations from accessibility settings, not developer options (though I don't know if they function technically the same). And yes of course if you don't know what you're doing you can break things via developer options, though in this case the risk of changing animations speeds seems very small and the usability benefit is actually quite large, at least for me personally.
whiskeywalrus In this case the risk of changing animations speeds seems very small and the usability benefit is actually quite large, at least for me personally.
Obviously what you choose to do with your device is up to you.
Whether or not it's ok to recommend on this forum that people use developer options on production devices, without mentioning any warnings or disclaimers, is up to the forum moderators.
whiskeywalrus If you want to make your phone feel faster turning off or reducing the animation speeds to 0.5x (from developer options) will make a much bigger difference.
Clearly you are not aware that certain features in Developer options can cause irreversible data loss, or you wouldn't be recommending it to the OP.
whiskeywalrus And yes of course if you don't know what you're doing you can break things via developer options, though in this case the risk of changing animations speeds seems very small and the usability benefit is actually quite large, at least for me personally.
You are aware that doing things in Developer options may break things if you don't know what you're doing, but you still recommend it to someone who has not expressed that they are familiar with the breakage that Developer options can cause?
Certain toggles in App info like Exploit protection compatibility mode, memory tagging, loading code via storage etc. are not harnessed under Developer settings yet arguably pose increased security risks for what(?), better app compatibility. Are we going to warn users to be sensible when considering using them? After all, they are not available on any other "production device".
- Edited
SgtSurehand I expect that if somebody were recommending that people disable MTE or hardened malloc for speed, without any kind of warning, then somebody would point out the elevated risk. Likewise if somebody suggests various developer options for speed, without any kind of warning, I think it makes sense for somebody to point out elevated risk.
But the situation is worse with developer options, not the same. Developer options are literally concealed behind an invisible menu, because developer options are variously dangerous and/or unstable.
Sadly, it is expected that some users will disable some exploit protections to run some apps in production including with private data -- that's why those toggles were added. It is not expected that developer options are used with private data on production devices -- that's why those toggles are behind a hidden menu.
de0u I in no way endorse using Developer options, though they are enabled with sole purpose of viewing running and cached processes, since I haven't been able to find a tool allowing me to do that with such detail.
I have also witnessed apps refusing to run with dev options enabled, mainly games for anti cheat reasons.
SgtSurehand What if the code that displays running and cached processes is exploitable? That would be mostly OK from Google's perspective, since many of the developer options are intended to weaken device security while developers debug apps running without private data.
If you have audited the process-monitor code and are confident that even though it is behind a hidden menu it's still safe, that's one thing. But turning it on because it appears to do something that seems like it could be safe may not be prudent.
7 days later
Upstate1618 Hi can i have a chat with you about ios privacy?
What makes a iPhone more privat and secure when configured with Apple Configurator?
SPUTTERGRUMBLENANOMETER
Pls refer to https://discuss.grapheneos.org/d/20126-configure-your-iphone-to-be-secure-and-private
In short words
Firstly you need to supervise your iPhone which requires a erase . You also need to create a certification (identity) for supervision.
Secondly you need to apply a configuration profile to enforce some settings to your iPhone. These settings are not available to change in Settings app and only take effect on supervised iPhone.
Thirdly you need to change some settings in Settings app.
If you wanna know more you can create a new discussion marked as Off Topic because iOS related questions are irelvent to this discussion.
Tubeless2720 My threat model is mainly privacy(and little bit anonymity) from big tech, governement,trackers ,brokers etc. I am not that worried about security and for me even AOSP's security is good enough.
If you get hacked because you security is not strong enough, your privacy goes to zero.
Security is necessary for privacy.
Open_Source_Enjoyer how strong is strong enough? Who is the judge of that? I think it's the user and all users are different. Security has always been a moving goalpost so at any point you can't say that you are done.
SgtSurehand Open_Source_Enjoyer how strong is strong enough? Who is the judge of that? I think it's the user and all users are different. Security has always been a moving goalpost so at any point you can't say that you are done.
I just want to point out that privacy is not independent from security.
Open_Source_Enjoyer I wouldn't go so fast with that statement. Security oftentime contradicts privacy, you need to choose the right balance. Same as with not all open source is automatically good for your privacy. I definitely would not go all in for security that involves G. But I guess some know that by now.
Open_Source_Enjoyer If you get hacked because you security is not strong enough, your privacy goes to zero.
Security is necessary for privacy.
Everyone is missing my point here.
I don't even use lock screen on my phone. I am not even bit worried about physical security.
I live in a random village somwhere and I am not bothered about someone copying all the data since my phone is unlocked all the time and I don't have important data on my phone. That is not my threat model.
My threat(most significant) model is online digital privacy from big tech, brokers etc when surfing online.
So, I don't think security matters much here.
- Edited
Not true, despite what GrapheneOS have said elsewhere. A good example I like to use is public toilets. Public toilets, the ones where the toilets are partitioned off from each other, provide sufficient privacy and even provide some security (they have locks). But these partitions and locks are not designed to provide perfect privacy or perfect security. If someone really wants to knock your door down or peek over or under the partition, they can. But how often does that happen? It protects you 99.99% of the time, and 99.99% of the time, no one wants to break in or watch you while you poop. But that does not mean it doesn't provide any privacy or any security at all.
Another example are blinds and shutters. They'll provide privacy for the majority of situations, but a motivated attacker will be able to get around it. That does not make them useless.
If you're of the kind of person that believes a protection mechanism must be fool proof, for it to be useful at all, then you also fall into the kind of camp that believes privacy is dead because there are so many examples of where your privacy is being invaded. The plethora of ways to compromise your privacy or security, and the ease of which it can be achieved, does not provide any evidence for why it's pointless to attempt to stop that from happening.
Security and privacy go hand in hand and they benefit from each other, but they do not require each other.
- Edited
gk7ncklxlts99w1
Security ensures good actors won't violates people's privacy by mistake. The doors in the toilet are not transparent. There's also no magic or exploits to turn them to be transparent
Security also ensues bad actors won't succeed. The doors are locked. If there's no lock on the door or it's not resilient enough, bad actors would violate people's privacy.
It's not realistic to assume all apps on my phone are good apps either.