So i am installing GrapheneOS rn and i need help:

  1. i want app tracking protection to every app something like duckduckgo’s app tracking protection if there is something better?!

  2. someone explain me (with simple words) what is auditor cause i can’t understand even if i read about it on GrapheneOS’ website (i am like 50% noob with these things)

  3. is my wifi masked automatically with GrapheneOS or should i 100% use a vpn? is there a setting in the OS somewherere? i need a lot of privacy and security to my phone!!!

also tell me additional tips for privacy/security for GrapheneOS if u have any!

thanks a lot!

  • Noble Bacon@lemmy.ml
    link
    fedilink
    Português
    arrow-up
    0
    ·
    1 day ago

    I’ve been using Graphene for a while. Here are some things i’ve changed and found useful:

    I really like the storage scopes feature. Whenever an app requests access to storage/contacts, i setup scopes for it. This feature alone makes me never want to leave Graphene.

    I also really like the random mac adress feature. Whenever i connect to wi-fi, my mac adress gets randomized to appear as a different device, (except on my LAN, otherwise, my router would be flooded with different devices that in reality, are the same).

    Multiple profiles is also a nice feature. I’ve used them before, but now i just use everything under the root profile, even Google services. Since they run in a sandbox, i’m ok with it. This is probably something you want to avoid if your threat model requires you to, but i have found that for banking apps, it was a major drawback for me, that i had to switch profiles everytime i wanted to acess them. And even worst, if i wanted to send documents over e-mail, since my e-mail was on my non-Google profile, it was very annoying, so, i simply went with everything under root.

    The on/off toogle for camera & microphone is also really nice. I use it all the time.

    I’ve also set a 1 min timer to disable my wi-fi when i have no active connection, (e.g when i leave my house).

    I’ve changed my DNS to a more private one, (currently using family.dns.mullvad.net).

    On settings, if you go to NFC, you have an option to request device unlock to use NFC. I’ve set this to on, dispite having NFC off all the time.