Hey all!
I'm trying to understand the benefits of setting up additional User Profiles/Work Profiles for my needs, so I can decide if I want to use these or just keep using everything in one User Profile (which does sound more convenient :) )
My threat model: I want to reduce the amount of tracking/profiling by (big) tech companies done on my device.
My current setup:
- I only have the main user profile on GrapheneOS
- I do not have any Play Services installed there
- For apps that need storage/contacts access I set up storage/contacts scopes
- For apps that work well offline, I disallow network access.
- I always run a VPN that promises it blocks trackers (for the apps that do need network access)
- I leave the Pause App Activity If Unused and Battery Optimization on if possible
- And as far as I understand apps already cannot interact with each other (thanks to Android sandboxing) and have limited access to the OS (thanks to GrapheneOS).
So let's say I want to install an app, that has a couple of trackers in it, from the Aurora Store. The app does need internet access to work, but runs perfectly fine without Google Play services. If I install it on my main user profile, I assume the app cannot gather data from other apps that I have installed and the Storage/Contact scopes already make the app think it's on a "blank" Android device.
If this is indeed the case, then what additional advantage would it give me if I were to set up a second User Profile or Work Profile and installing the app there? (It's tempting to use them because they are really cool features, and I can see how they can be useful for some use cases, but I'm wondering if it gives me additional benefits for my use case and threat model)
Cheers!