What is current GrapheneOS's security strength compared to iPhone circa 2016?

[deleted]

It's your opinion and I'm not trying to convince you otherwise. But many people just want to use their phone for casual day to day business (Facebook, insta, YouTube, you name it). Some of them simply cannot wrap their head around android or the whole concept of privacy and security on the internet, others just don't care because they don't know half of it. For those average users, and I do not mean that in any way to be disrespectful, iphones are a reasonable choice because they are reasonably secure, easy to setup and to use. They have no threat models, no state sponsored agency on their back which tries to infiltrate their devices to collect as much compromising data as possible. I know enough people who just want to use their phone, take pictures, message their friends and family and be done with it. That's how apple got so big, perfect marketing and easy to use devices. They just made their homework.

Everybody has different needs and expectations and iphones certainly cater to some of them.

If every phone made today was made by regulators to carry logo "Assume your phone is tapped", people would radically change their view of privacy (let alone security).

[deleted]

Good times for therapists, too!

matchboxbananasynergy You could have your secure passphrase as the primary unlock method (will need to be used after a reboot etc.)

How can I set such a passphrase to be used after boot only?

Blastoidea

Well, good for you then. I'm old too yet here I am. I always appreciated the little nifty things in the pixels (fingerprint reader on the back and gestures attached to it, quick start for the camera). But I know many people who just don't like the looks and feels of the Android OS, whatever that means. And if you don't want to think much about your device I guess there are worse choices than an iPhone.

I almost sound like an advocate for apple. The point I was trying to make though is that I don't think there is an objective argument against an iphone for people who don't care much about tech or privacy and, in my opinion, that's ok. You must pick your battles, I guess.

Phead People with lots of money buy apple, and that's that. Those who want to keep it simple, as you say, buy an old Galaxy s6 or Huawei.

FlipSid A site cannot tell you the entropy of a randomly generated password based on entering it into the site unless it knows how it was generated. Those 2 calculator sites you've linked are inaccurate. Simply type a, s and d in some pattern and they'll claim it has high entropy as if a random number generator generated it from random bits.

@FlipSid It's simply log₂(choices × length). If you randomly generate a password with lowercase letters and digits, there are 36 possible choices, which leads to around 93 bit entropy for 18 characters. Making an 18 character passphrase this way yourself is not the same. Diceware has a word list with 7776 words, which leads to around 90 bit entropy for 7 words. These sites cannot know how a password was generated and are simply guessing a number.

It would be best to continue this in a new thread because it's not related.