Hi
I hope this is the correct place to put this.
Ive read so many different opinions and i dont really know where to start.
Here is as much info as i can give, while trying to keep it brief.
I havent installed GOS yet, i want to make sure ive got the setup correct before i start.
Phone: Pixel 9 pro xl.
Use: Daily driver phone, always in my possesion. Used constantly.
Phone calls, sms, whatsapp, email, browser, banking, photos, and all other usual stuff.
Do i install all apps in the Main User account and use them all there as my daily driver phone, or keep that unused then have user1 as my daily driver, then user2 as a less used one just for things like banking and high risk stuff?
Hopefully this post inst too long with too much info in it!
////
Threat Model Info:
- What do I want to protect?
High priority: My login & passwords, financial & banking, personal photos, work & financial related emails etc.
Standard priority: Social media accounts and similar.
Low Priority: Location history and similar, conversations with friends & family.
////
- Who do i want to protect it from:
Theft of device, Loss of device.
Im going on holiday to medium risk place and want to have GOS setup before I go.
Hackers & Scammers.
Damage and loss of data.
Its unlikely ill need to protect it from the government, law enforcement, or family.
////
- How likely is it that i will need to protect it?
I have never had a phone stolen or lost a phone ever in 20+ years.
Very unlikely, but i want to get it sorted now just incase.
////
- How bad are the consequences if i fail?
Very Bad.
Direct financial loss from stolen funds, fraud, identity etc.
High annoyance and time loss for recovery.
Time taken to recover everything.
////
- How much trouble am i willing to go through to prevent potential consequences?
What ever it takes, with a few trade offs for useability and productivity.
I do want notifications from these apps/services:
Emails, whatsapp, sms, phone calls, security cctv cameras apps.
Ideally banking apps, but i could live without it.
////
- Security measures I already employ.
Device & Physical security:
This is currently quite low, but i will up it.
I have a low security device unlock due to convinience.
I dont have a biometric lock due to convinience.
I dont have remove wipe capability (i always have location turned off).
Notifications - Im happy to have lock screen notifications and compramise security for convinience.
Auto Lock: i have this set to 30 secs.
Account & Data Security:
Password managers I use: Proton Pass, Bitwarden, and looking to use KeyPass. I use unique passwords for all accounts and some unique emails.
Two factor Authentication 2FA: used only for the very riskiest things, but ill add it to more. Currently using Google Auth but will swap.
Secure Backup: not currently encrypted. I sync with google drive, 2x phones, tablet, win11 laptop. No other backup method currently used.
App permissions: Locatoin is always turned off unless needed for satnav. Permissions locked down as much as i can with normal android.
Email Aliases: yes i use a lot.
Network & Communication security:
VPNs: I have Proton, Surfshark, and Mullvad.
Zero Trust: Its highly unlikely ill be tricked by unsolicitated emails etc.
////
- Apps & Services I use.
High Priority & Daily Use:
Phone calls: id like the spam caller id feature but its not a must.
Whatsapp - most of my communication with friends and work.
Sms: any app will do.
Camera: The reason I got the phone was for the camera. I want the highest quality photos from is so likely need the google camera app.
Email app: currently use gmail app but im switching to Thunderbird or K9 etc.
Internet: will use any browser like brave, firefox, vanadium etc.
Email providers: multiple inc gmail, proton, addyio, simplelogin, my own TLDs.
Contacts sync: Need to sync between phones and access on laptop.
VOIP: currently use Yay, Sonetel, Twillio soon, and looking for others.
Sat Nav: I like google maps, but happy to try another. Live traffic is a must for travel.
Banking: UK banking apps, ive checked and they all work.
Task management: Asana.
Documents: Currently use google docs and google sheetc daily, but can switch eventually.
NFC payments: Google wallet is used daily. I know this does not seem to work, but i believe Curve Pay works in the uk.
Bluetooth ear buds.
Youtube: I use Newpipe/PipePipe, or browse via brave.
Poscasts: any app will do if i can sync history between phones.
Photo cloud storage: Currently use google photos. I would considder changing.
Social Media: facebook, instagram, discord, telegram.
Cloud backup & sync: Currently use google drive, but happy to switch.
AI: regular use of all of them inc Perplexity, ChatGPT, Gemini, Claude, Opensource models.
CCTV: security camera apps, Blink, Reolink, others similar.
Virus protection: Any.
Cloud Storage: i dont want to host my own at home due to time constraints. I currently use less than 200GB inc photos.
////
I think that covers most things.