Need help deciding between a few privacy setups

Hey everyone,

I’m re-evaluating my tech setup for privacy and digital balance. I’ve been on a digital detox for a while, no social media, minimal app usage, but I’ll probably have to use a phone more once I’m back on my feet (currently recovering from an injury and on bed rest, using my Linux laptop most of the time).

I’ve gone down the privacy rabbit hole quite a bit. I even tried LineageOS without GApps on my OnePlus 12, but unbricking that thing made me swear off custom ROMs on non-Pixels. So, I’m rethinking everything.

Here are the options I’m considering:
(Feature phone for personal simcard > calls and sms)

Option 1: iPad + Feature phone + Cheap Android for work
Apple still collects data, not open source, + all the iPads I can afford are 60Hz.

Option 2: Pixel + GrapheneOS + Cheap Android + Feature phone
Where I live phone taxes are so high that I can only afford a Pixel with a repaired IMEI, so I am concerned whether flashing GOS would revert the IMEI or void it.

Option 3: iPhone + Cheap Android for work + feature phone
Again I would have to trust Apple and my iPhone wouldn’t run the SIM card unless I pay twice the phone’s amount in taxes.

Option 4: MacBook + Feature phone + Cheap Android
Apple silicon is powerful but less private than Linux, high cost.

Option 5: Fedora laptop + Waydroid (LineageOS without GApps) + Feature phone + Cheap Android
I am currently running Fedora with Waydroid, but Fedora doesn’t support a lot of stuff that I want to get into (video editing and lack of MS Office).

Right now I’m torn between Option 2 and Option 5.
Option 5 fits my current routine since I’m mostly home, but once I recover and go out more, I might need something portable.

If you value privacy, separation of work and personal data, and minimal smartphone use, which option would you go for long term?

Would love to hear from people who’ve actually lived with GrapheneOS or Linux-only setups.

Are you using it to frequently communicate with people or mainly just to sign up for services? If the former, you may be better off using a phone that supports iMessage or Google Messages (depending on what’s more popular in your area) so you can have end-to-end encrypted texts so long as others won’t communicate with you over a secure messenger like Signal.

Option 2 is definitely a great option and you could ask the GrapheneOS forum regarding your concern. I could understand wanting to avoid social media but ideally you’d be able to have enough self-control to avoid it if you go that route. There are tricks like setting your screen to grayscale to make it less appealing. Though I don’t want to downplay anything if you had some sort of addiction. If that’s the case, perhaps option 5 is the way to go.

ONLYOFFICE or LibreOffice should work mostly fine, if not you could also try Microsoft Word over WinApps. If that seems too complicated or still doesn’t work for you then I’d give in and go for either a MacBook or iPad depending on how portable you want your device to be. From what I heard (not personal experience), MacBooks are less restrictive than iPads and therefore sorta give you a bit more freedom to protect your privacy from Apple a bit more. You might wanna skim some privacy tutorials such as any guides Techlore has for both Mac and iOS/iPadOS to get an idea of what I mean.

I haven’t bought it yet, I intend to use it for calls, SMS and signing up for services. I won’t be using SMS unless there are no other options. I am using the Signal app currently on my Linux PC, and whichever option I go with, it’ll be my preferred messaging app, whether it’s GOS Pixel, Mac or iOS.

I have already asked in the GOS community but I think it’s a very niche issue and probably no one would be able to guide with certainty.

I am using LibreOffice, it’s fine but as a writer it’s not great, I don’t enjoy working on it.

Thanks for your input, I am definitely leaning towards option 2 if I can get some surety about the IMEI thing and if not then option 4>1>5 in the same order of preference.

If that’s your only issue with Linux, I’d definitely at least give ONLYOFFICE a try before switching to Mac. It has a more modern interface and it should have better compatibility with Microsoft document types. I forgot to mention in addition to WinApps, there’s also Microsoft 365 Online which runs in your browser and shouldn’t require any fancy setup to get running. It doesn’t have every feature, but a lot of Linux users keep it as a backup in case Microsoft formatting is ever screwed up on LibreOffice or ONLYOFFICE.

Thanks, I’ll check it out, but the reason for buying a Mac is that it’s a very capable computing device compared to my Intel 10th gen laptop, so it’ll allow me to try out more stuff which I eventually want to get into. But like you said in your previous reply, once I get better I’ll end up requiring a phone, so the Pixel 9 GOS setup still looks the strongest provided it works in my situation.

Just another thought: what if I carry my work Android (banking and govt apps) and a feature phone for calls and SMS when I am on the move, and a Mac for my work with dreaded WhatsApp and Signal for when I have to socialize? This will limit my phone usage to the bare minimum and I can try to personalize/secure the Mac to the maximum. It won’t be as secure as Linux but it will be much more capable.

That works to minimize your smartphone use, but you may be encouraging people to use SMS instead if that allows them to get ahold of you sooner or for emergencies. I am a bit confused by what a “work phone” is. Until now I assumed it was strictly for business, but banking and government apps are quite personal.

Is this work phone under a personal phone plan tied to you or heavily associated with your name? If so, I’m not sure if there’s much use for carrying around a feature phone. You could have one to sign up for services if it serves as a somewhat anonymous phone (both the device and phone plan must be purchased in cash and you cannot give up any personally identifying information for this to be the case) but if your “work phone” (which just sounds like a general use phone?) has a number tied to it, you may as well just stick to that so you can use Signal wherever possible.

VoIP providers like JMP Chat or MySudo would allow you to have multiple numbers on one device in case you need separate identities, but if everyone knows you by the same name and adds you to their contacts under that name, there’s little benefit in doing that.

A more advanced all-in-one solution could be to anonymously purchase a GrapheneOS phone and pre-paid data plan, never use its true number, and only stick to VoIP numbers for proper separation. You’ll probably still need a backup genuine phone number for services which require it, so a feature phone could still be useful. If your finance apps prohibit use on GrapheneOS and you tested that they don’t work well in a mobile web browser, instead of a feature phone your “backup” phone could just be a cheap smartphone. (A new low-end Samsung Galaxy gets you the best value as it’ll receive security updates for much longer than other budget smartphones.)

Sorry if I got too much into the weeds but I’m really confused by what you’re trying to separate and how you plan to do it. Achieving strong separation by using multiple devices costs time, energy, and money. I only go into detail because doing it sloppily probably isn’t worth doing at all.

I appreciate the input, a lot.

So, the way I intend to do it is use the feature phone to get in touch with friends and family when I am on the go. I get your point that people might just SMS me, but where I live, very few people have SMS packages (SMS included in their plans) so they are likely to text me on WhatsApp, and I have already moved my close friends and family to Signal, so they’ll text me there if I don’t pick up their calls. (Both WA and Signal currently running on the Fedora machine.)

As far as the work phone goes, I will use it for my work, to get notifications and stay in touch with my clients on apps like Fiverr, Upwork and LinkedIn, etc. I withdraw the payments from those apps to my PayPal, Payoneer and other banking service accounts, so they are on this same work phone as well. Now my personal bank account will also be on this phone, since I transfer funds into it for my local use. I know it’ll be ideal to buy a separate GOS device and isolate all this stuff in GOS profiles and restrict Play services access, but for these apps, I need something that “just works” and since all these apps are directly tied to my real ID, I see no point in warding off Google data collection when these apps refuse to run without Google Play services. So, this work phone runs all the apps which require gplay services + are tied to my real ID. [+ To avoid people texting me on my feature phone I could run WhatsApp or Signal on this “work phone” just to respond to them on the go, but that might defeat the purpose of my attempt to limit social media apps, but more privacy centered than an SMS here and there when I don’t pick up on the feature phone. (What do you think?)]

For the primary device, where I want to use all the personal apps and browse without linking it back to my ID or email, anything whatsoever, I am still confused between the P9 GOS, iPad, MacBook…
But for now I am very okay with the Fedora laptop and running Waydroid on it for whatever little personal apps I want to run on it. I use browser profiles on LibreWolf to isolate my work and personal profile. Honestly, so far I don’t even see the need to buy a personal device, maybe upgrade this Fedora machine to a MacBook if I run into a wall, performance wise.
I am still on bed rest and might be for quite a few more months. By the time I recover, I guess I would have decided on the personal device. iPad seems reasonable now since I can draw on it and take advantage of its functionality in bed, but I am afraid as soon as I recover it’ll just be sitting on the table.

Apologies for the lengthy response, I am quite new to this privacy conscious lifestyle and I am loving it.

A good privacy stack is local-first, as GHOST (a blogger I read religiously) explains here:

He has over 80 articles, probably creeping up to 90 or 100 by now.

For this setup, you’ll probably be recommended to get a Google Pixel 9 (not a 10, because bad batteries) or earlier (if still supported) with GrapheneOS, or wait until the Graphene OEM model comes out soon. That could probably be used as a non-SIM phone. Your other one with LineageOS, without GApps, on the OnePlus 12 is fine I think for SIM. However, if you want to make the OnePlus your non-SIM phone, and your Graphene devices your SIM phone, that’s not an issue either.

If you need an iPhone for some reason, get one that’s used and in good condition (much more affordable that way). Put it on Lockdown Mode if you can, and only have that as a work phone if necessary. I’d try to get Android with what I mentioned above, but they might have a desire to put bossware on your device (basically, spyware your employer installs, which there’s an article on GHOST’s blog to deal with that).

For a laptop, I’d stay away from Fedora and/or Red Hat based stuff due to what’s being forced on those distros (Wayland, PipeWire, systemd, etc.), and instead, use something like Linux Mint, Pop!_OS (both Ubuntu-based), CachyOS, vanilla Arch Linux, or Artix Linux [systemd-free Arch] (Arch-based).

Now, I get it, most of it’s systemd, PipeWire and Wayland, but you have the option to keep them or use X11/XLibre, PulseAudio and JACK bridged, and for Artix, Void, MX, and some others, other PID1 such as S6, SysV-Init, runit, OpenRC, etc.

If you especially want to do video editing, I’d stick to Mint, Pop, or Cachy (I daily drive Cachy), and use Kdenlive, AppImage format unless the OS package works for you. For MS Office compatibility, I’d stick to OnlyOffice if you wanted that. All of them are local-first.

I can break this down into simpler terms if you need me to.

For a laptop, I’d stay away from Fedora and/or Red Hat based stuff due to what’s being forced on those distros (Wayland, PipeWire, systemd, etc.), and instead, use something like Linux Mint, Pop!_OS (both Ubuntu-based), CachyOS, vanilla Arch Linux, or Artix Linux [systemd-free Arch] (Arch-based).

Now, I get it, most of it’s systemd, PipeWire and Wayland, but you have the option to keep them or use X11/XLibre, PulseAudio and JACK bridged, and for Artix, Void, MX, and some others, other PID1 such as S6, SysV-Init, runit, OpenRC, etc.

I think I’ve seen enough Linux distro elitism flamewars to spot an instigator in the wild…

This right here is how you get people to run away from Linux entirely.

Sorry but from a security perspective, this is terrible advice. This user doesn’t seem to have any issues with using Fedora that are inherent to it and they definitely don’t seem to be a power user who’s capable of safely configuring and using “DIY distros” like Arch/Artix/etc. Switching away from Fedora (which is widely recommended as the best distro for beginners by Privacy Guides, PrivSec, and Techlore) could only harm their security with little or no benefit to any other aspect of their experience.

I think I understand what you mean a bit more now. So just to be clear, is the inclusion of the feature phone purely to prevent you from using a device capable of accessing social media? If so, it makes sense. I just wanted you to understand that I don’t see much of a privacy benefit in it.

But if you were looking to divide things up for privacy reasons, I’d suggest considering my recommendation for the GrapheneOS setup I alluded to earlier which involves using VoIP numbers. Michael Bazzell has a “Mobile Devices PDF” book that goes into detail on this subject if you’re interested. He’s not selling it anymore as he wasn’t making enough money due to piracy but still posts updates to his blog. I won’t condone anything illegal but I’ll just mention that since he is not selling it anymore, it can no longer be legally obtained and people pirating that book today aren’t hurting his business as there’s literally no way to pay for it anymore. Anyone looking to support him today can pay for his UNREDACTED magazine which will be continually updated.

Yes, that is a major part of it, and according to my understanding a smartphone is less privacy friendly compared to a feature phone because it’s sending location data more frequently. On the feature phone, if I take out the batteries and run it on 2G, I can prevent the tracking element + achieve the minimal setup as compared to using a smartphone.

I will check out the other links you mentioned below.

But again just for confirmation, my current setup:

  1. Fedora laptop for work and personal and anonymous browsing in separate browsers/browser profiles
  2. a feature phone to make calls
  3. an Android phone for work
  4. Waydroid in case I use an app that must require a mobile device to set up

Offers enough privacy?

And my future plan is still a bit unsure but so far I have decided to use one of the following (in the order of preference) in addition to the feature phone and work Android:

  1. save up for a Mac
  2. Pixel 9 with GOS
  3. buy an iPad for creativity
  4. buy an iPhone

This is exactly why I use Fedora. I use my laptop for work, so I want consistency. Not that those other distros @Neigdoig mentioned are bad, I do want to try Arch someday, but maybe when I have a larger SSD to dual boot or when I have a spare machine to try it out.
I can’t be troubleshooting during work.

Again apologies for making a few assumptions about Arch, I have never tried it out.
And I saw Techlore rank Fedora pretty high on his distro tier-list (which I know is always super subjective) but as far as I know, it is open source and offers a secure and stable environment.

Money seems to be an issue for you and most of your plans require buying stuff and having a lot of devices. So let me throw in a different plan:

If your laptop is recent and powerful enough and you can upgrade the RAM (to 32 GB), consider using Windows in a virtual machine (Virt-Manager (VMM) or VirtualBox). That would cover all your office needs.

For video editing there is Kdenlive or the paid version of DaVinci Resolve, which work great on Linux. The latter can be a pain to install though.

For your phone, I’d recommend just a Google Pixel with GrapheneOS or a Fairphone with /e/OS preinstalled. You can have work and private stuff on the same device and keep them separated, via a Work Profile (Shelter or Insular) or even different User Profiles.

If you did a digital detox, I assume you have problems with social media and the like. Waydroid is a great idea to get some separation from those toxic apps. Maybe go even further and set up a Raspberry Pi 500 with Waydroid, so you have a special place to indulge in unhealthy apps and they are not with you all the time. And at least as important as separating yourself from unhealthy stuff is finding healthier stuff to indulge in that is at least equally accessible to you. My thing is listening to audiobooks, for example. I can do it anywhere, anytime and in any state of mind and I never regret the time “wasted” on it.

It’s literally because of Wayland, and yet, I use X11/XLibre, which is much more secure than even the likes of Wayland… especially since it’s splintered, and that’s worse for security.

Proof is here:

It’s quite complicated. A lot of feature phones sold today have some smartphone capabilities, so exactly how much application-based tracking could be going on really depends on your device. Even in the best case scenario, a complete dumb phone could still be triangulated by cell towers. I can’t recall if that’s something done en masse but Michael Bazzell (in his podcast and maybe his book) details how easy it is to do even for those who aren’t law enforcement.

Then there’s the major downside to feature phones which is that they’re terrible for security. You can’t protect anything stored on it or anything sent to and from it. On the contrary, a de-Googled smartphone (ideally GrapheneOS but there are cheaper yet less secure alternatives) at least has some semblance of security as anything stored on or transmitted to/from the device can be encrypted. You also get the added benefit of being able to use it as an anonymous phone if you purchase the device and plan anonymously and exclusively use VoIP numbers. (Again, you can take it even further as discussed in the book.)

Whether it is “enough” depends on your threat model. I could see why you’d go for this setup so I won’t say not to, I just have 2 main notes:

  1. Just to reiterate, your setup with the feature phone isn’t ideal for privacy or security but if you struggle with avoiding social media apps on a smartphone I could understand why you’d have to resort to it.
  2. Installing apps like Signal over Waydroid potentially downgrades the security of your Signal communications. Mobile devices are generally much more secure than desktop devices and Waydroid in particular seems to be especially bad in regards to security. Whether you think you should be concerned about that is up to you, but if you decide to use a de-Googled (preferably GrapheneOS) phone in place of the feature phone, it’d probably be safer installing Signal there. (Of course you can still install their desktop app on Fedora for convenience.)

What is more secure about X11/XLibre? At least half of the list from your link is not even true or is something X11 is also affected by. And I am using Wayland, because X11 just crashes a very important application (the one I am mainly working with) within 30 seconds after start. There are good reasons to use Wayland right now. And of course Wayland has issues and I am also affected by some edge cases X11 does not have.

A 1h answer to your source: https://inv.nadeko.net/watch?v=nWnBg8zGAeU.

A few unsubstantiated bullet points do not qualify as proof. I’m not gonna bother responding to each point because they’re quite silly and I’m also not the most qualified person to talk about Linux security (which is why I defer to experts such as security researchers and security-focused distro maintainers who unanimously agree X11 must be swapped for Wayland) but this seems like some pretty dangerous misinformation.

Modern sandboxing doesn’t require Wayland: Linux already has robust container and namespace isolation technologies

… Seriously? The author is demonstrating they’re trying to refute an issue without even understanding what the issue is:

Desktop users need functionality over isolation: Most desktop users run trusted applications and need them to work together

This implies X11 isn’t as secure in order to preserve “functionality”. So one second X11 is more secure and therefore better than Wayland but the next it’s more lax and that’s actually a good thing! Which is it?

Great points, I didn’t know this…

So, I either go with the more digital detox setup of feature phone, or the more secure grapheneOS one.
Thank you so much.