• General
  • Struggling with understanding the benefits of moving from iOS

  • [deleted]

I decided to post this here since the two most recent threads on GOS vs iOS have been locked.

This new contribution shows why deGoogled android is better than android running ANY KIND of Google Play Services and leagues better than Apple iOS. Enjoy.

https://www.youtube.com/watch?v=nQ9LR8homt4

The main issue with iOS in my opinion is Apple's "rules for thee, not for me" philosophy -- more specifically, their approach to sandboxing. Apps on the App Store are required to be sandboxed and can't do a lot of things that core Apple apps can. 3rd-party apps are so powerless that it feels like Apple apps run as root with the amount of privileges they have, and for certain apps like Settings it makes sense. But this enables a zero-click exploit every few months repeatedly, where your phone can get hacked with a rootkit overnight and you'll never even suspect anything. It's come to the point where I can't help but laugh anytime I see anything related to "security" being brought up around iPhones. All because core Apple apps have system-level access.

This is where AOSP and GrapheneOS have what is needed to be more secure. Dialer and SMS apps don't need system-level access because the dialer and SMS APIs are just normal Android APIs that any app marked as the "default" app can use. This is what enables 3rd-party SMS and dialer apps as well. Everything is compartmentalized: an exploit in Vanadium (GrapheneOS's browser) won't affect the whole system (unless it is chained together with a sandbox escape exploit, but at that point it is a much bigger issue). Of course, the whole system (AOSP) is much flakier as a whole, but GrapheneOS makes substantial security improvements, to the point where I consider it to be on par with and better than iOS, in a dream land where iOS core apps aren't privileged. In the real world, where Messages is practically a backdoor letting anyone in, it's even better.

But do expect tinkering. You are using Linux after all ;) For example, the default AOSP apps you get with GOS are borderline unusable and will leave a bad taste in your mouth each time you use them (Gallery, Dialer, SMS, Contacts, Calculator, etc.). GrapheneOS apps are a bit better, but still nothing award-winning (Camera, Auditor, Vanadium, Apps). First thing you're gonna wanna do is load up an F-Droid client (I recommend Droid-ify) and download the simple gallery, dialer, SMS messenger, contacts, and the Organic Maps app. Then set them up and disable the system ones. All of a sudden you have core apps that are fully sandboxed: even if someone sends you a "killer SMS" that glitches the SMS app, it can't do much other than access other SMS. It can't even access the internet. Compared to iOS this is truly a breath of fresh air.

Then load up Aurora Store and LinkSheet; these two apps will let you download apps from the Play Store without a Google account. (LinkSheet is needed as a workaround atm.) Open Aurora once, accept all the defaults, then quit it. Set up LinkSheet as well. Then go to Vanadium, search up any app on the Play Store website, then share it through LinkSheet to Aurora. Use this to install Google Clock, Calculator, and Gboard. But don't allow internet for those. (Again, sandboxing! Principle of least privilege! A keyboard shouldn't be able to access the internet!)

Also on Graphene you can use user profiles extensively: they are pretty much sandboxed like separate devices. Enable it in settings, then use them if you want to install questionable apps. You switch away to a completely isolated profile, where you have completely different apps installed. Use the app, do what you need, then hold the power button and end the session. This seals up the profile and freezes it, literally nothing can happen in it until you unlock it again. It's as if that separate virtual device has been powered off (because it practically has, data is purged from memory and encrypted on-disk).

About web browsing: yeah, hundreds of millions of people use mobile Safari. However, advanced fingerprinting techniques are at the point where they can tell you apart by slight variations in how your specific chip runs instructions (WebGPU fingerprinting). On Graphene, Vanadium doesn't really do anything to counter fingerprinting; it focuses more on exploit protection. There was a great browser called Bromite; its developers abandoned it, but a new fork called Cromite updates it, and it has actual anti-fingerprinting tech (comparable to that of Tor/Hardened Firefox). It has tons more privacy and convenience features (literally adblock on mobile), but is a bit less secure since it is layering stuff on top of Bromite and pretty much playing catch up with latest chrome. I still recommend getting it tho (it's not on F-Droid yet, only on GitHub). You can use LinkSheet to split the browsers in two: route common websites/"web apps" you use to Vanadium (e.g. webmail, banking, government ID, any sensitive stuff), and everything else (articles, web searches, other random links) to Cromite.

Some apps will need Play services. With Graphene you can install them in a sandbox, but I wouldn't install them (and don't install them) whatsoever on my main profile (in my region popular brands make phones that come without google services so most apps work fine without them). Only in a secondary one, and only if strictly necessary.

More pro tips: you can use KDE Connect to get most Apple ecosystem features (e.g. sync clipboard, ring device if lost, take a photo on the computer from the phone) on the same Wi-Fi. You can use Syncthing to sync photos and files. You aren't losing anything by using Graphene.

But in conclusion: With Graphene, you are not putting trust in anyone (well maybe except the developers, but it's open source). You decide what to do, the base OS is very secure and you can improve it further or make it worse. No big tech accounts, no proprietary clouds, no weird exploits every few months.
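As an added example (not from the thread, and not GrapheneOS project code), here is a small POSIX shell script for the least-privilege check the post recommends: it reads the output of `adb shell dumpsys package <pkg>` and reports whether the package has `android.permission.INTERNET` granted (the permission behind the per-app Network toggle) and which UID it runs under. The package name `com.example.keyboard` and the embedded dumpsys fragment are constructed placeholders, and the exact line layout of dumpsys output is an assumption; only the `android.permission.INTERNET: granted=...` and `userId=` fields are relied on.

```shell
#!/bin/sh
# Added example, not from the thread. Checks whether an installed package has
# android.permission.INTERNET granted (GrapheneOS's per-app Network toggle)
# and which UID it runs under, from `adb shell dumpsys package <pkg>` output.

# Constructed sample of a dumpsys fragment for a keyboard whose Network
# permission was switched off. Package name, UID and layout are placeholders.
SAMPLE_DUMPSYS='Package [com.example.keyboard] (3f1a2b9):
  userId=10187
  pkg=Package{3f1a2b9 com.example.keyboard}
  install permissions:
    android.permission.VIBRATE: granted=true
  User 0: ceDataInode=12345 installed=true hidden=false
    runtime permissions:
      android.permission.INTERNET: granted=false, flags=[ USER_SET ]
      android.permission.READ_CONTACTS: granted=false, flags=[ USER_SET ]'

# internet_state: reads dumpsys text on stdin, prints granted / denied / absent.
internet_state() {
    line=$(grep -m 1 'android.permission.INTERNET:' || true)
    case "$line" in
        *'granted=true'*)  echo granted ;;
        *'granted=false'*) echo denied ;;
        *)                 echo absent ;;
    esac
}

# package_uid: prints the numeric UID from the first userId= line, or "unknown".
package_uid() {
    uid=$(sed -n 's/^[[:space:]]*userId=\([0-9]*\).*/\1/p' | head -n 1)
    [ -n "$uid" ] && echo "$uid" || echo unknown
}

# describe: one summary line for a package, given its dumpsys text on stdin.
describe() {
    pkg=$1
    text=$(cat)
    state=$(printf '%s\n' "$text" | internet_state)
    uid=$(printf '%s\n' "$text" | package_uid)
    # Ordinary apps get their own UID (10000 and up); 1000 is the system UID.
    if [ "$uid" != unknown ] && [ "$uid" -ge 10000 ]; then
        sandbox="own app UID $uid"
    else
        sandbox="UID $uid (not an ordinary app UID)"
    fi
    echo "$pkg: INTERNET $state, runs as $sandbox"
}

# With package names as arguments and adb on PATH, query a connected device;
# otherwise run against the constructed sample so the script works offline.
if [ "$#" -gt 0 ] && command -v adb >/dev/null 2>&1; then
    for pkg in "$@"; do
        adb shell dumpsys package "$pkg" | describe "$pkg"
    done
else
    printf '%s\n' "$SAMPLE_DUMPSYS" | describe com.example.keyboard
fi
```

Run it as `sh check_net.sh com.example.keyboard` with a device attached to confirm that the keyboard really reports `INTERNET denied`; with no arguments it just evaluates the embedded sample.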

    • [deleted]

    epic_gos_user download the simple gallery, dialer, SMS messenger, contacts, and the organic maps app. Then set them up and disable the system ones. All of a sudden you have core apps that are fully sandboxed

    System apps are also sandboxed, and general-purpose apps which don't require many privileges, like Gallery and Camera, are sandboxed even better than privileged system components like System (UID 1000).

    epic_gos_user but a new fork called Cromite updates it, it has actual anti-fingerprinting tech (comparable to that of Tor/Hardened Firefox)

    Tor's fingerprinting protections are much better.

    epic_gos_user pretty much playing catch up with latest chrome

    I think you meant Chromium

    epic_gos_user With Graphene you can install them in a sandbox

    Btw, it's the normal app sandbox and not a special one. And to be fair, Google Play is even sandboxed on GMS-Certified Android (it runs in its own UID), but it has much more access on GMS-Certified Android; it can even wipe the device without user consent.

      [deleted] System apps are also sandboxed, and general-purpose apps which don't require many privileges, like Gallery and Camera, are sandboxed even better than privileged system components like System (UID 1000).

      Yup, I'm just putting the Simple Mobile ones because they are more usable imo. And the AOSP dialer and messenger are deprecated.

      [deleted] Tor's fingerprinting protections are much better.

      True, but you don't really need to use Tor to look at simple articles (too slow to connect + would show in different languages, just inconvenient). You could use Mull or other hardened browsers instead; I'm just putting Cromite since that's what I use and it's relatively straightforward, configured out of the box (whereas with e.g. Mull you have to go tinker with settings and install uBlock Origin and Dark Reader to get equivalent functionality).

      [deleted] I think you meant Chromium

      Yeah

      [deleted] Btw, it's the normal app sandbox and not a special one. And to be fair, Google Play is even sandboxed on GMS-Certified Android (it runs in its own UID), but it has much more access on GMS-Certified Android; it can even wipe the device without user consent.

      Yeah, but there's a compat layer to make it work within the normal app sandbox

      9 months later

      epic_gos_user

      So disabling/uninstalling/removing as many core apps as possible from iOS (so only Messages, Camera, Photos, App Store, Safari) and avoiding/disabling them as much as possible, how secure does that make iOS/iPadOS? Obv not as secure as base Graphene, but still more secure than an Android tablet. The only thing that could beat that for tablets, I imagine, would be installing Graphene on the Pixel Tablet or just using a fking Kindle.

        0vesper

        AFAIK, if you avoid using iCloud completely and leave location services off (except when absolutely necessary), the iPhone and/or iPad are equally secure as Graphene (with each having some tradeoffs). Graphene has the potential to be more private, but it really depends on how you use it.

        For some, particularly those whose contacts predominantly use iMessage and refuse to use other messengers, using an iPhone may in fact be more private, as their messages will be e2ee, unlike if they had Graphene (where the messages would be traditional SMS that are plaintext).

        I personally also think it's much easier to use VoIP solutions on iPhone vs. Graphene. Particularly MySudo, which you cannot pay for on Graphene (must use a different phone to purchase plans and re-up the plan annually) and which requires Google Play services to be installed if you want notifications of incoming calls/SMS.

        My only reason for using a Graphene phone (in addition to an iPhone) is because it is also open source and therefore imo more trustworthy than Apple, where we just have to take their word they aren't keylogging everything and storing it somewhere. I also don't like the walled App Store of the iPhone and like the freedom Graphene/Android allows.

        N1b

        Contact and Storage Scopes, MAC randomization.

        iOS has these three features now...