Hi all,
I finally decided to switch to GrapheneOS from other privacy oriented rom with microG. But I am still not sure how to separate my apps or if what I am trying to do makes sense and if it will enhance my security and privacy from my current setup. So please I would be really gratefull for any insights on my plan.
I went to the forum and also the matrix rooms, but still not sure if the setup below makes sense or not.
My current setup on old ROM:
Main profile - only FOSS apps (signal, newpipe, browser, tusky, basic daily usage)
Work profile (via Shelter) - needed closed-source apps/not so friendly one - bank apps, app for vacuum robot, some delivery apps etc. Some of these uses MicroG, some are just not privacy friendly, but probably could work without google services
This works for me, despite I had to get rid off of some "nice to have" apps like mots of the games and so on.
Now for the GrapheneOS the plan is:
Option 1:
Main profile (be it owner profile or new profile) - Same as before - mainly foss and privacy respecting apps needed for most of daily usage - no google services, no privacy intrusive apps
Second profile - Necessary apps either dependent on google services or not so privacy friendly (e.g. robot vacuum app) - either Aurora or Google Play with throwaway email
Third profile - Just for games
The above also counts with just using apps not tied to my identity from outside the app - meaning not using in-app purchasers using google etc. If I need to purchase something from Google Play, it depends if keep it in the same profile, or to have another one with google play tied to me (and thus separate is from other google play apps not directly tied to me)
Option 2:
Main profile - same as above, daily usage, foss and privacy friendly
Work profile (on Main one, cannot be anywhere else what I found) - not that nice but needed apps which does NOT rely on google services - e.g. installed via Aurora - vacuum robot app
Second profile - strictly apps which needs google services
Third - same as above, games only/mainly
The advantage of Option 2 is convenience, but on the other hand I do not have that much apps in this category, so probably it is not worth it in the end.
Just please, if you can do a sanity check here and let me know if this setup makes sense and IF it will be from privacy and security point of view better then my current setup or even if it will be much worse (lets say because of the Third profile for gaming - which is not needed but if the option is there and the privacy and security downside is not that huge, it would be nice to sometimes play something).
Note to me threat level, I am tech geek, doing this from sane security perspective and the privacy stuff is purely ideological, do not want to share then what is necessary :)
Thank you very much for any insights and tips and really looking forward to start using GOS.