Wow, really insightful and interesting read 🙏
Re separate user profiles on Android, is there any way possible of achieving this on a Samsung Galaxy?
Everywhere I've looked says it's not, just Pixel and tablets. (For many reasons but I really want to box off Google Play Services. Next step a Pixel and GrapheneOS).
Or just don’t buy an Android device.🤷🏻♂️
👍 absolutely this. Its a phone I purchased before I knew this world existed and I'm not in a position to buy a new one. So learning, learning, learning for now 👍
Totally fair—and you’re right to just learn and work with what you have.
Most Samsung devices don’t support true secondary user profiles the way Pixels do, so you’re mostly limited to things like Secure Folder. It’s better than nothing, but it’s not real OS-level isolation.
And for what it’s worth, Apple isn’t meaningfully better here. Different tradeoffs, same surveillance realities, and even fewer options for compartmentalization.
Pixels with GrapheneOS can still make sense for isolation. But Google has been tightening the ecosystem—locking custom ROMs out of hardware driver access and forcing projects like GrapheneOS to reverse-engineer components they previously had direct access to.
At the same time, there’s increasing pressure on sideloading through Play Protect, more apps opting into attestation that blocks custom ROMs outright, and growing dependence on Google Play services. That combination makes the path more constrained than it used to be, and it’s part of why GrapheneOS is moving toward its own hardware.
GrapheneOS support for existing Pixels continues, but it’s under growing platform constraints.
Threat model first. Work within constraints. Practice privacy and security through isolation and compartmentalization. Improve over time. You’re doing exactly that.
What a legend 🙏 - I assumed that that Play Protect was a crock of shit and turned it off. I'll get up to speed on Secure Folder and most likely bite the bullet til GrapheneOS release hardware in the future.
This is golden: "Threat model first. Work within constraints. Practice privacy and security through isolation and compartmentalization. Improve over time."
I was speaking from a privacy perspective, straight out of the box, which Apple clearly cares about, otherwise they wouldn’t offer so many built in options.
Android doesn’t offer any of that without heavily modifying the device and having to settle for certain devices to gain a certain level of security/privacy, isn’t really an option I chose to follow anymore. Almost a decade was all I was willing to give Android.
It didn’t help that Google screwed the pooch by removing the dedicated recovery partition, making on the fly flashing impossible. That’s if you can even find something to flash. Ever since Alex, from DU, and Martin (passed away in 2020), from GZR, stopped updating source, most people just copy/paste change a header and they call it a new ROM. Then when thyme run into problems they don’t know what to do because they’re not actually developing anything.
Is kdragon around? He was Android’s last best hope.
I also don’t have any Google apps on my phone so sandboxing isn’t really a concern.
I get where you’re coming from. I used to be an Apple girl.
Apple does privacy well by default, but it’s a model that assumes Apple itself is trusted.
You get strong defaults, but only if you’re comfortable with Apple sitting in the middle.
iOS is closed-source end-to-end, the baseband is opaque, App Store control is absolute, and a lot of data handled by Apple services is still accessible to Apple.
We’ve already seen how this plays out—Apple admitted that contractors were listening to real Siri recordings, including private conversations, and had to backtrack after public backlash. That’s the trust model in practice.
Apple also uses user data to advertise—just differently than Google. Google’s model is third-party and ecosystem-wide; Apple’s is first-party and vertically integrated. Different mechanics, same outcome: your behavior is still being used to influence and monetize you, just internally.
GrapheneOS is built around a different assumption: minimize trust in any single party, harden the OS, reduce attack surface, and give the user explicit control over isolation, permissions, and data flow.
Apple offers strong baseline privacy within boundaries Apple defines. GrapheneOS is for people whose threat model includes the platform vendor itself—not because Apple is uniquely bad, but because trust minimization is the goal.
I miss my iPhone ngl, I don't know why I got rid of it
...not because Apple is uniquely bad...scoff scoff...😉
There are definitely trade offs, I admit that, but for me the trade off is worth it. The integration with their other hardware products, for example. I bought a beats pill a couple weeks ago, at the time not knowing Apple had acquired it. Now I have a whole new option integrated right into the setting menu, with a lot more customization than I had with the motion+.
I know that sounds like a little thing, but all of those little things add up to a rather enjoyable experience. They also do animations and theming better. Again, little things.
I was with you on this for many years, but the hostility of the US tech industry, and the worsening stability of otherwise superficially buttery smooth and expertly designed animated UIs made me question my allegiance. Once I tried to get off and realised how walled-in I was — of course all of the nice "integrated" Apple experiences lack data portability — that was the nail in the coffin for me. Horses for courses.
I think it’s important to know as much as you can about a platform if you’re looking to join it. I knew what Apple stood for, I laughed at them for years from the other side of the fence. I’m just at a point in my life where I am looking for something a bit simpler to use. It’s also the first device where I felt like I was getting my money’s worth.
If I’m being honest, the only device that has a chance of getting me back to Android, would be the ROG, those devices are spec’d out and ASUS is a company I have never bought from. All of the big name companies I have already used and for one reason or another, I moved on. The last Android device I had was the P4XL and it didn’t take me long to realize that their hardware products are trash.
And again, because Android is horribly optimized and highly unsecure, I always had cut software on them, and since the custom ROM scene is pretty much dead, there was no benefit for me to stay with them.
At the end of the day, what works for me may not work for others and vice versa, but it still doesn’t change anything about my original reply.
hey -- we want to send you a test zap, but couldn’t find a NIP-05 or ⚡ lightning address on your profile. u can set one up for free on rizful https://rizful.com ... then pls reply here and we will do a test zap.
My reaction when Apple talks about being privacy-focused.
