>Do not use devices that can be trivially tracked through the cell network, or that can be surveilled by big tech. This means a device bought anonymously, a free/libre OS like Graphene
GrapheneOS isn't magically exempt from cell tracking, and both android and ios phones can go into airplane mode and have location disabled, which provides similar privacy.
>and an anonymous SIM paid for with cash or crypto. This should be done by everyone to avoid the possibility of mass surveillance, not only people who have something to hide from a three-letter agency.
No, it's much harder than just "an anonymous SIM paid for with cash or crypto". You need to practice proper opsec. There's no point getting an anonymous sim when you then turn around and then use it as a 2fa number for your bank, or carry it around with you every day.
> GrapheneOS isn't magically exempt from cell tracking, and both android and ios phones can go into airplane mode and have location disabled, which provides similar privacy.
You practically can't do anything on a Googled Android device or iOS without a Google or Apple account, so no, they don't provide "similar privacy." The point of a FOSS system is that the user fully controls it, and can install apps privately from any source.
>You practically can't do anything on a Googled Android device or iOS without a Google or Apple account, so no, they don't provide "similar privacy."
If you're talking about not being able to install third party apps, aurora store doesn't require an account and works fine on stock android. Most other basic functionality works fine too, eg. camera, calls, browsing, maps.
> If you're talking about not being able to install third party apps, aurora store doesn't require an account and works fine on stock android. Most other basic functionality works fine too, eg. camera, calls, browsing, maps.
The Play Store is not the only issue with stock Android devices. Google dependencies run with high privileges and the device is constantly communicating with Google servers for one reason or another. You do not own a Google device for all intents an purposes. The main contribution of Graphene here is that it strips out the proprietary blobs and optionally provides an environment to run Google's libraries with unprivileged access.
The point about de-Google'd Android vs your insistence on GrapheneOS is that by the time you are using Google's libraries, like Maps, Play Services, or their notification service (Firebase, IIRC), you've already lost. GrapheneOS is not dramatically better than de-Google'd Android if you're still sending all your notifications through Google, as well as your location and things like contacts
The point is you have to leave Google with both for it to do much good
> insistence on GrapheneOS is that by the time you are using Google's libraries, like Maps, Play Services, or their notification service (Firebase, IIRC), you've already lost.
Graphene offers the option of sandboxing Google apps should you want them. The usual setup is a second user profile with all the Google stuff in it. My main profile only contain FOSS apps and nothing passes through Google's servers. I use the Google profile for the maps with a dedicated account maybe once a month when driving somewhere unfamiliar.