  • Struggling with understanding the benefits of moving from iOS

I think the main benefit for you will be control and ownership on GOS compared to iOS. You can lock out social media and other companies from iOS, but you can't lock out Apple. They won't let you gain control and you'll have to do it their way (forced to use Apple ID and App Store, limited privacy settings which Apple will even ignore). In my opinion Apple is more dangerous when it comes to privacy, because Google is transparent about their anti-privacy actions and allows you to not use its services, Apple does privacy theater but likely collects and sells just as much of your data. If you want to dig a bit deeper, I recommend listening to the Closed Network Podcast Episode 24, beginning at around 1h26m.

With GOS you'll get:

  • The openness of Android (access to more open source and privacy friendly apps, side loading apps, different app stores, not using or restricting Google services etc.)
  • Highest level of security both hardware- and software-wise
  • Maximum control with cool features like Network Toggle, Contact- and Storage Scopes, MAC Randomization etc. (see official feature list)

Also Google devices are much easier to repair, have better price to performance ratio and function better with Windows and Linux, but that doesn't seem to be important for your threat model.

That all being said, there are very good reasons to stick to iOS, especially for convenience and how well all your devices work together if you submit to the Apple workflow. GOS gives you control, but it comes with responsibility and inconvenience that you might not have the time and energy for, especially if you're a hard working self-employed person. I guess your decision will mostly depend on how much you want to trust Apple with your data.

    N1b

    Thanks for your take. I agree for the most part, and you have listed exactly what attracts me to GOS in the first place.

    I don’t believe Google is transparent about anything other than what they have been forced to be transparent about. They’re shady, and I would trust them far far less than Apple.

    I don’t give Apple any of my data, other than what I know I’m giving them, or what they allegedly take (not much from me, I don’t use 1st party apps, and anything on iCloud of any importance is encrypted by me first). They certainly don’t have much of anything important, but it’s still too much I agree.

    That said, I noticed a vast quality of life difference when I stopped using Google, Amazon and Facebook, with regards to creepy behaviour. I can’t say I have noted anything creepy from Apple’s side of things (personally at least, which is all I really care about) - I would like to give up Apple nonetheless.

    Perhaps I’ll get a Pixel phone and run them side by side for 6 months or so. I believe it’s the only way - I’m definitely more on board now I know I don’t need a Gmail account for the Play Store and that I can use gift cards instead.

    mmmm Just to make sure things are clear: a Google account is required to use the Play Store. This has nothing to do with the fact that a Google account can be created with a non-Gmail address.

    It's possible to create a Google account without sacrificing privacy for it. You would need to create it over a VPN/Tor and to use a temporary phone number provider for the initial SMS verification.

      GrouchyGrape

      Yeah I hear that. I need to investigate more where I can source the apps I know I’ll need that I use already.

        233328

        Yep I understand. I just don’t want a gmail account. I’ll work out the phone verification necessary. I just didn’t want a gmail account or to be linked financially to Google.

        9 days later

        mmmm I'll need the Play Store - which means I'll need a Google account, and likely an attached bank card

        Why a bank card? This would only be necessary for purchasing non-free software, as far as I know.

          I made the move a year or two ago (time flies) and couldn't be happier. I have a throwaway Gmail account that I set up using a temporary number for verification. Just make sure you set up 2FA immediately after setup so you don't need to use that number again. If I recall correctly, Google pushes the Google Authenticator app and doesn't tell you that you can use any other 2FA app for this, but you can.

          I use Bitwarden to manage my passwords and 2FA/TOTP. Credentials are stored online (encrypted of course), so if you want to use something local on an app that doesn't need network access, I've heard KeePass is the one to use. I haven't personally used it. Aegis is very popular for offline 2FA. In fact, I don't think there's a need for 2FA apps to have network access at all.

          For payments, consider a service like privacy.com. I have the free account and it's served me well. You have to go through KYC verification and/or link a bank account, but the cards you generate are throwaway and you can use totally fictitious names and addresses when providing your billing details to merchants. This ensures merchants know nothing about you (including Google Play Store) even if privacy.com and your bank know exactly who you are. Recently my wife had her debit card number compromised. Had she used privacy.com and locked a single use throwaway card to a single merchant, it never would have happened. In my mind, that's an often not talked about benefit of privacy.com.

          As for those apps that require Google Play Services to run your business...use a secondary profile for those. Profiles have their own encrypted data and apps can't interact across profiles.

          Also consider using webapps where possible to avoid downloading privacy invasive applications. You'd be very surprised at how many apps have websites that are pretty robust and eliminate the need for having an app on your phone.

          Do your research. This community gets a bad rep for some reason. Everyone here and in the Matrix rooms have been extremely helpful. This is a great community of privacy conscious folks that are willing to help others mitigate threats according to their models.

          Cheers!

          • [deleted]

          router99 At the risk of wandering off-topic, I have 3 paid FOSS apps on my phone. All 3 are available through F-Droid at no cost and are published as APKs, but I nevertheless went the Play Store way because as it stands, it's the best way to update apps (paid or free) on a GrapheneOS device with Sandboxed Google Play. Additionally, depending on your region, adding a credit card also happens to be the most privacy preserving way to verify your age on Google Play to access age-restricted content, since it doesn't verify card holder name like — much like others.

            With your threat model, I don't really see the need if you are that attached to the Apple ecosystem. Sure, they get info from you to target ads, which can never be fully stopped. If you only use a phone, I'd say GOS is excellent for that, but since you also use macOS for a tablet and laptop, I don't see a huge benefit on the ad profile built on you. To really help eliminate it, GOS phone and tablet as well as Linux for laptop with privacy browsers, search engines, messengers, VPN, avoid all social media, etc (a lot more you can do). Not worth it for most all people. For some strong privacy is a fun hobby. If you think a GOS phone would be fun, great. I have a GOS 6a and an Android 6 running Android 13. Add the GOS phone to your line-up and use it for things you really want to keep private. Just remember cell calls and SMS on GOS are not private. You would have to get your social/business circle to use Signal or the like, and that is another hurdle.

            [deleted] In your last link, Visa and MasterCard are claimed to not need verification of name. I never knew that.

              • [deleted]

              router99 I've been using this hack for several years with nearly 100% success rate. It creates a good basis for a working pseudonym that can make online payments. If you couple it with disposable virtual cards it's even better.

              mmmm I don't think it's been mentioned but Android has user profiles to separate apps if you need to. When the profile is ended everything is at rest. This was a huge plus when I switched from iPhone.

                • [deleted]

                Skyway You can't end user profiles on Android, but only on GrapheneOS

                • [deleted]

                I decided to post this here since the two most recent threads on GOS vs iOS have been locked.

                This new contribution shows why deGoogled android is better than android running ANY KIND of Google Play Services and leagues better than Apple iOS. Enjoy.

                https://www.youtube.com/watch?v=nQ9LR8homt4

                The main issue with iOS in my opinion is Apple's "rules for thee, not for me" philosophy -- more specifically, their approach to sandboxing. Apps on the App Store are required to be sandboxed and can't do a lot of things that core Apple apps can. 3rd-party apps are so powerless that it feels like Apple apps run as root with the amount of privileges they have, and for certain apps like Settings it makes sense. But this enables a zero-click exploit every few months repeatedly, where your phone can get hacked with a rootkit overnight and you'll never even suspect anything. It's come to the point where I can't help but laugh anytime I see anything related to "security" being brought up around iPhones. All because core Apple apps have system-level access.

                This is where AOSP and GrapheneOS have what is needed to be more secure. Dialer and SMS apps don't need system-level access because the dialer and SMS APIs are just normal Android APIs that any app marked as the "default" app can use. This is what enables 3rd-party SMS and dialer apps as well. Everything is compartmentalized, an exploit in Vanadium (GrapheneOS browser) won't affect the whole system (unless it is chained together with a sandbox escape exploit, but at that point it is a much bigger issue). Of course, the whole system (AOSP) is much flakier as a whole, but GrapheneOS makes substantial security improvements where I consider it to be on par with and better than iOS, in a dream land where iOS core apps aren't privileged. In the real world where Messages is practically a backdoor letting anyone in, it's even better.

                But do expect tinkering. You are using Linux after all ;) For example, the default AOSP apps you get with GOS are borderline unusable and will leave you with a poor taste in your mouth each time using them (Gallery, Dialer, SMS, Contacts, Calculator, etc.). GrapheneOS apps are a bit better, but still nothing award-winning (Camera, Auditor, Vanadium, Apps). First thing you're gonna wanna do is load up an F-Droid client (I recommend Droid-ify) and download the simple gallery, dialer, SMS messenger, contacts, and the organic maps app. Then set them up and disable the system ones. All of a sudden you have core apps that are fully sandboxed, even if someone sends you a "killer SMS" that glitches the SMS app, it can't do much other than access other SMS. It can't even access the internet. Compared to iOS this is truly a breath of fresh air.

                Then load up Aurora Store and LinkSheet, these 2 apps will let you download apps from the Play Store without a Google account. (LinkSheet is needed as a workaround atm). Open Aurora once, accept all the defaults, then quit it. Set up LinkSheet as well. Then, go to Vanadium, search up any app on the Play Store website, then share it through LinkSheet to Aurora. Use this to install Google clock, calculator, and Gboard. But don't allow internet for those. (Again, sandboxing! Principle of least privilege! Keyboard shouldn't be able to access the internet!)

                Also on Graphene you can use user profiles extensively: they are pretty much sandboxed like separate devices. Enable it in settings, then use them if you want to install questionable apps. You switch away to a completely isolated profile, where you have completely different apps installed. Use the app, do what you need, then hold the power button and end the session. This seals up the profile and freezes it, literally nothing can happen in it until you unlock it again. It's as if that separate virtual device has been powered off (because it practically has, data is purged from memory and encrypted on-disk).

                About web browsing: Yeah, hundreds of millions of people use mobile Safari. However advanced fingerprinting techniques are at the point where they can tell you apart by slight variations in how your specific chip runs instructions (WebGPU fingerprinting). On Graphene, Vanadium doesn't really do anything to counter fingerprinting, it focuses more on exploit protection. There was a great browser called Bromite, developers abandoned it but a new fork called Cromite updates it, it has actual anti-fingerprinting tech (comparable to that of Tor/Hardened Firefox). It has tons more privacy and convenience features (literally adblock on mobile), but a bit less secure since it is layering stuff on top of Bromite and pretty much playing catch up with latest chrome. I still recommend getting it tho (it's not on F-Droid yet, only on github). You can use LinkSheet to split the browsers in two: route common websites/"web apps" you use to Vanadium (e.g. webmail, banking, government ID, any sensitive stuff), and everything else (articles, web searches, other random links) to Cromite.

                Some apps will need Play services. With Graphene you can install them in a sandbox, but I wouldn't install them (and don't install them) whatsoever on my main profile (in my region popular brands make phones that come without google services so most apps work fine without them). Only in a secondary one, and only if strictly necessary.

                More pro tips: you can use KDE connect to get most Apple ecosystem features (e.g. sync clipboard, ring device if lost, take photo on computer from phone) on the same Wi-Fi. You can use Syncthing to sync photos and files. You aren't losing anything by using Graphene.

                But in conclusion: With Graphene, you are not putting trust in anyone (well maybe except the developers, but it's open source). You decide what to do, the base OS is very secure and you can improve it further or make it worse. No big tech accounts, no proprietary clouds, no weird exploits every few months.

                  • [deleted]

                  epic_gos_user download the simple gallery, dialer, SMS messenger, contacts, and the organic maps app. Then set them up and disable the system ones. All of a sudden you have core apps that are fully sandboxed

                  System apps are also sandboxed, and general-purpose apps which don't require much privileges like Gallery and Camera are sandboxed even better than privileged system components like System (UID 1000).

                  epic_gos_user but a new fork called Cromite updates it, it has actual anti-fingerprinting tech (comparable to that of Tor/Hardened Firefox)

                  Tor's fingerprinting protections are much better.

                  epic_gos_user pretty much playing catch up with latest chrome

                  I think you meant Chromium

                  epic_gos_user With Graphene you can install them in a sandbox

                  Btw it's the normal app sandbox and not a special one. And to be fair, Google Play is even sandboxed on GMS-Certified Android (it runs in its own UID), but it has much more access on GMS-Certified Android; like it can even wipe the device without user consent.

                    [deleted] System apps are also sandboxed, and general-purpose apps which don't require much privileges like Gallery and Camera are sandboxed even better than privileged system components like System (UID 1000).

                    Yup, I'm just putting the simple mobile ones because they are more usable imo. And AOSP dialer and messenger is deprecated.

                    [deleted] Tor's fingerprinting protections are much better.

                    True, but you don't really need to use Tor to look at simple articles (too slow to connect + would show in different languages, just inconvenient). You could use Mull or other hardened browsers instead, I'm just putting Cromite since that's what I use and it's relatively straightforward, configured out of the box (whereas e.g. Mull you have to go tinker with settings and install ublock origin and dark reader to get equivalent functionality).

                    [deleted] I think you meant Chromium

                    Yeah

                    [deleted] Btw it's the normal app sandbox and not a special one. And to be fair, Google Play is even sandboxed on GMS-Certified Android (it runs in its own UID), but it has much more access on GMS-Certified Android; like it can even wipe the device without user consent.

                    Yeah, but there's a compat layer to make it work within the normal app sandbox

                    9 months later

                    epic_gos_user

                    So disabling/uninstalling/removing as many core apps as possible from iOS (so only Messages, Camera, Photos, App Store, Safari) and avoiding/disabling them as much as possible, how secure does that make iOS/iPadOS? Obv not as secure as base Graphene but still more secure than an Android tablet, the only thing that could beat that I imagine for tablets would be installing Graphene on the Pixel Tablet or just using a fking kindle

                      0vesper

                      AFAIK, if you avoid using iCloud completely and leave location services off (except when absolutely necessary), the iPhone and/or iPad are equally as secure as Graphene (with each having some tradeoffs). Graphene has the potential to be more private, but it really depends on how you use it.

                      For some, particularly those whose contacts predominately use iMessage and refuse to use other messengers, using an iPhone may in fact be more private as their messages will be e2ee unlike if they had graphene (where the messages would be traditional sms that are plaintext).

                      I personally also think it's much easier to use VoIP solutions on iPhone vs. graphene. Particularly mysudo, which you cannot pay for on graphene (must use a different phone to purchase plans and re-up the plan annually) and which requires google play services to be installed if you want your notifications of incoming calls/sms.

                      My only reason for using a graphene phone (in addition to an iPhone) is because it is also open source and therefore imo more trustworthy than apple, where we just have to take their word they aren't keylogging everything and storing it somewhere. I also don't like the walled appstore of the iPhone and like the freedom graphene/android allows.

                      N1b Contact- and Storage Scopes, MAC Randomization

                      iOS has these three features now...