mmmm which means i'll need a Google account, and likely an attached bank card
mmmm My main threat model (realistically) is to avoid being profiled by social media and ad targeting purposes
Apple does that no?
https://support.apple.com/guide/iphone/control-how-apple-delivers-advertising-to-you-iphf60a6a256/ios
https://www.apple.com/legal/privacy/en-ww/
Didn’t think of gift cards. Good call.
How do I get an anonymous gmail address though? I understand you can only use a gmail address?
Yes Apple does do it - but seemingly (not provably though) only in house. Google and others seems to be much more a free for all.
I’m not suggesting Apple is good or anything by the way - but since giving up anything Google Amazon and Facebook 6 years ago, I don’t have the hideous and obvious ads following me everywhere.
I've removed a couple of comments. Please keep comments here factual.
mmmm An article/2-3 articles with expert information can be written for questions you have asked, but I'm afraid that I and many others on this forum do not/might not have enough expertise for that.
mmmm I understand you can only use a gmail address?
An Google account can be created with any Email address.
Also, you don't have to use the play store at all necessarily. All of my apps are downloaded and managed via Obtainium For the two apps that are required for work, I use Aurora store.
I think the main benefit for you will be control and ownership on GOS compared to iOS. You can lock out social media and other companies from iOS, but you can't lock out Apple. They won't let you gain control and you'll have to do it their way (forced to use Apple ID and App Store, limited privacy settings which Apple will even ignore). In my opinion Apple is more dangerous when it comes to privacy, because Google is transparent about their anti-privacy actions and allows you to not use its services, Apple does privacy theater but likely collects and sells just as much orlf your data. If you want to dig a bit deeper, I recommend listening to the Closed Network Podcast Episode 24, beginning at around 1h26m.
With GOS you'll get:
Also Google devices are much easier to repair, have better price to performance ratio and function better with Windows and Linux, but that doesn't seem to be important for your threat model.
That all being said, there are very good reasons to stick to iOS, especially for convenience and how well all your devices work together if you submit to the Apple workflow. GOS gives you control, but it comes with responsibility and inconvenience that you might not have the time and energy for, especially if you're a hard working self-employed person. I guess your decision will mostly depend on how much you want to trust Apple with your data.
Thanks for your take. I agree for the most part, and you have listed exactly what attracts me to GOS in the first place.
I don’t believe Google is transparent about anything other than what they have been forced to be transparent about. They’re shady, and I would trust them far far less than Apple.
I don’t give Apple any of my data, other than what I know I’m giving them, or what they allegedly take (not much from me, I don’t use 1st party apps, and anything on iCloud of any importance is encrypted by me first). They certainly don’t have much of anything important, but it’s still too much I agree.
That said, I noticed a vast quality of life difference when I stopped using Google Amazon and Facebook, with regards to creepy behaviour. I can’t say I have noted anything creepy from apples side of things (personally at least, which is all I really care about) - I would like to give up Apple nonetheless.
Perhaps I’ll get a pixel phone and run them side by side for 6 months or so. I believe it’s the only way - I’m definitely more on board now I know I don’t need a gmail account for the play store and that I can use gift cards instead.
mmmm Just to make sure things are clear: a Google account is required to use the Play Store. This has nothing to do with the fact that a Google account can be created with a non-Gmail adress.
It's possible to create a Google account without sacrificing privacy for it. You would need to create it over a VPN/Tor and to use a temporary phone number provider for the initial SMS verification.
Yeah I hear that. I need to investigate more where I can source the apps I know I’ll need that I use already.
I made the move a year or two ago (time flies) and couldn't be happier. I have a throwaway gmail account that I setup using a temporary number for verification. Just make sure you setup 2FA immediately after setup so you don't need to use that number again. If I recall correctly, Google pushes the Google Authenticator app and doesn't tell you that you can use any other 2FA app for this, but you can.
I use Bitwarden to manage my passwords and 2FA/TOTP. Credentials are stored online (encrypted of course), so if you want to use something local on an app that doesn't need network access, I've heard KeePass is the one to use. I haven't personally used it. Aegis is very popular for offline 2FA. In fact, I don't think there's a need for 2FA apps to have network access at all.
For payments, consider a service like privacy.com. I have the free account and it's served me well. You have to go through KYC verification and/or link a bank account, but the cards you generate are throwaway and you can use totally fictitious names and addresses when providing your billing details to merchants. This ensures merchants know nothing about you (including Google Play Store) even if privacy.com and your bank know exactly who you are. Recently my wife had her debit card number compromised. Had she used privacy.com and locked a single use throwaway card to a single merchant, it never would have happened. In my mind, that's an often not talked about benefit of privacy.com.
As for those apps that require Google Play Services to run your business...use a secondary profile for those. Profiles have their own encrypted data and apps can't interact across profiles.
Also consider using webapps where possible to avoid downloading privacy invasive applications. You'd be very surprised at how many apps have websites that are pretty robust and eliminate the need for having an app on your phone.
Do your research. This community gets a bad rep for some reason. Everyone here and in the Matrix rooms have been extremely helpful. This is a great community of privacy conscious folks that are willing to help others mitigate threats according to their models.
Cheers!
router99 At the risk of wandering off-topic, I have 3 paid FOSS apps on my phone. All 3 are available through F-Droid at no cost and are published as APKs, but I nevertheless went the Play Store way because as it stands, it's the best way to update apps (paid or free) on a GrapheneOS device with Sandboxed Google Play. Additionally, depending on your region, adding a credit card also happens to be the most privacy preserving way to verify your age on Google Play to access age-restricted content, since it doesn't verify card holder name like — much like others.
With your threat model, I don't really see the need if you are that attached to the Apple ecosystem. Sure, they get info from you to target ads, which can never be fully stopped. If you only use a phone, I'd say GOS is excellent for that, but since you also use macOS for a tablet and laptop, I don't see a huge benefit on the ad profile built on you. To really help eliminate it, GOS phone and tablet as well as Linux for laptop with privacy browsers, search engines, messengers, VPN, avoid all social media, etc ( a lot more you can do). Not worth it for most all people. For some strong privacy is a fun hobby. If you think a GOS phone would be fun, great. I have a GOS 6a and an Android 6 running Android 13. Add the GOS phone to your line-up and use it for things you really want to keep private. Just remember cell calls and SMS on GOS are not private. You would have to get your social/business circle to use Signal or the like, and that is another hurdle.
router99 I've been using this hack for several years with nearly 100% success rate. It creates a good basis for a working pseudonym that can make online payments. If you couple it with disposable virtual cards it's even better.
Skyway You can't end user profiles on Android, but only on GrapheneOS
I decided to post this here since the two most recent threads on GOS vs iOS have been locked.
This new contribution shows why deGoogled android is better than android running ANY KIND of Google Play Services and leagues better than Apple iOS. Enjoy.
